4.3
CVE-2007-2227
- EPSS 25.04%
- Veröffentlicht 12.06.2007 21:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:10
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Outlook Express Version6.0
Microsoft ≫ Windows 2003 Server Editionx64
Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64
Microsoft ≫ Windows 2003 Server Versionsp1
Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium
Microsoft ≫ Windows 2003 Server Versionsp2 Editionitanium
Microsoft ≫ Windows Xp Editionprofessional_x64
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64
Microsoft ≫ Windows 2003 Server Versionsp1
Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium
Microsoft ≫ Windows 2003 Server Versionsp2 Editionitanium
Microsoft ≫ Windows Xp Editionprofessional_x64
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 25.04% | 0.976 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
http://www.securityfocus.com/archive/1/471947/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA07-163A.html
http://www.vupen.com/english/advisories/2007/2154
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-034
http://secunia.com/advisories/25639
http://archive.openmya.devnull.jp/2007.06/msg00060.html
http://openmya.hacker.jp/hasegawa/security/ms07-034.txt
http://www.securityfocus.com/archive/1/472002/100/0/threaded
http://osvdb.org/35346
http://www.securityfocus.com/bid/24410
http://www.securitytracker.com/id?1018233
http://www.securitytracker.com/id?1018234
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2085