PT-2007-3563 · Microsoft · Windows Vista+3

Published

2007-06-12

Updated

2018-10-16

CVE-2007-2225

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Outlook Express version 6 Windows Mail in Windows Vista

Description A component does not properly handle certain HTTP headers when processing MHTML protocol URLs, allowing remote attackers to obtain sensitive information from other Internet Explorer domains.

Recommendations For Microsoft Outlook Express version 6, update to a version that properly handles HTTP headers for MHTML protocol URLs. For Windows Mail in Windows Vista, apply the necessary configuration changes to ensure proper handling of HTTP headers for MHTML protocol URLs.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2225

Affected Products

Internet Explorer

Outlook Express

Windows Mail

Windows Vista

PT-2007-3563 · Microsoft · Windows Vista+3

CVE-2007-2225

Related Identifiers

Affected Products

References · 15