The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP1 or SP2, Windows Server 2008 and SP2 or Windows 7 and is prone to an information disclosure vulnerability. A flaw is present in the MHTML implementation which fails to open a specially crafted URL. Successful exploitation allows remote attackers to inject a client-side script into the user's instance of Internet Explorer and could spoof content, disclose information, or take any action that the user could take on a web site.