Microsoft Outlook Express v5.5,SP2 MHTML URL Processing VulnerabilityID: oval:org.mitre.oval:def:882 | Date: (C)2004-04-13 (M)2021-07-09 |
Class: VULNERABILITY | Family: windows |
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
Platform: |
Microsoft Windows 98 |
Microsoft Windows ME |
Microsoft Windows NT |
Microsoft Windows 2000 |
Product: |
Microsoft Outlook Express |