CVE-2007-2225

NONECVSS 0.0

0.0

A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability."

🔗 References (28)

secure@microsofthttp://archive.openmya.devnull.jp/2007.06/msg00060.html
secure@microsofthttp://openmya.hacker.jp/hasegawa/security/ms07-034.txt
secure@microsofthttp://osvdb.org/35345
secure@microsofthttp://secunia.com/advisories/25639
secure@microsofthttp://www.kb.cert.org/vuls/id/682825
secure@microsofthttp://www.securityfocus.com/archive/1/471947/100/0/threaded
secure@microsofthttp://www.securityfocus.com/archive/1/472002/100/0/threaded
secure@microsofthttp://www.securityfocus.com/bid/24392
secure@microsofthttp://www.securitytracker.com/id?1018231
secure@microsofthttp://www.securitytracker.com/id?1018232
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA07-163A.html
secure@microsofthttp://www.vupen.com/english/advisories/2007/2154
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-034
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2045
af854a3a-2127-422b-91ae-364da2661108http://archive.openmya.devnull.jp/2007.06/msg00060.html

Is Your Infrastructure Affected by CVE-2007-2225?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-2225

📅 Published

🔄 Last Modified

🔗 References (28)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-2225?