Information disclosure vulnerability in MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008, SP2, and Windows 7ID: oval:org.secpod.oval:def:287 | Date: (C)2011-03-04 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP1 or SP2, Windows Server 2008 and SP2 or Windows 7 and is prone to information disclosure vulnerability. A flaw is present in MHTML implementation which fails to properly handle MIME format in a request for content blocks in a document. Successful exploitation allows remote attackers to obtain sensitive information via a crafted web site visited using Internet Explorer.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |