4.3
CVE-2007-2227
- EPSS 50.14%
- Published 12.06.2007 21:30:00
- Last modified 09.04.2025 00:30:58
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability."
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Outlook Express Version6.0
Microsoft ≫ Windows 2003 Server Editionx64
Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64
Microsoft ≫ Windows 2003 Server Versionsp1
Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium
Microsoft ≫ Windows 2003 Server Versionsp2 Editionitanium
Microsoft ≫ Windows Xp Editionprofessional_x64
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64
Microsoft ≫ Windows 2003 Server Versionsp1
Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium
Microsoft ≫ Windows 2003 Server Versionsp2 Editionitanium
Microsoft ≫ Windows Xp Editionprofessional_x64
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 50.14% | 0.977 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|