SecurityTracker.com
Category:   Application (E-mail Client)  >   Windows Mail
Vendors:   Microsoft
Windows Mail MHTML Protocol Handler Redirect Bug Lets Remote Users Obtain Information
SecurityTracker Alert ID:  1018232
SecurityTracker URL:  http://securitytracker.com/id/1018232
CVE Reference:   CVE-2007-2225
Date:  Jun 12 2007
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A vulnerability was reported in Windows Mail. A remote user can obtain potentially sensitive information from a different domain in the target user's browser.

The MHTML protocol handler does not properly interpret HTTP headers when returning MHTML content.

A remote user can create HTML with a specially crafted MHTML URL that, when loaded by the target user, will allow the remote user to read information from the target user's browser in the context of a different domain.

Internet Explorer may be used as an attack vector, although the vulnerability itself resides in Windows Mail.

Microsoft credits SANS ISC with reporting this vulnerability.

Impact:   A remote user can create a URL that, when loaded by the target user, will read information from the target user's browser in the context of a different domain.
Solution:   Microsoft has issued the following fixes as part of a cumulative update for Microsoft Outlook and Windows Mail.

Windows XP Service Pack 2, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=27cca556-0872-4803-b610-4c895ceb99aa

Windows XP Professional x64 Edition, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=1ea813bf-bddb-40f0-8960-b9debc8413e7

Windows XP Professional x64 Edition Service Pack 2, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=1ea813bf-bddb-40f0-8960-b9debc8413e7

Windows Server 2003 Service Pack 1, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=93808a74-035c-4ab7-9283-c693d7bd82be

Windows Server 2003 Service Pack 2, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=93808a74-035c-4ab7-9283-c693d7bd82be

Windows Server 2003 x64 Edition, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=f63323a9-e285-45e5-84bd-71ae9da126e3

Windows Server 2003 x64 Edition Service Pack 2, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=f63323a9-e285-45e5-84bd-71ae9da126e3

Windows Server 2003 with SP1 for Itanium-based Systems, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=2e62e96e-6571-437d-a612-99175ac39025

Windows Server 2003 with SP2 for Itanium-based Systems, Microsoft Outlook Express 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=2e62e96e-6571-437d-a612-99175ac39025

Windows Vista, Windows Mail:

http://www.microsoft.com/downloads/details.aspx?FamilyId=ee57de19-44ea-48f2-ae28-e76fd2018633

Windows Vista x64 Edition, Windows Mail:

http://www.microsoft.com/downloads/details.aspx?FamilyId=343db20f-7794-4423-b11d-885329fbdf78

A restart is not required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms07-034.mspx
Cause:   Access control error
Underlying OS:  Windows (Vista)

Message History:   None.

