CVE-2007-2225

3 documents3 sources
Severity
4.3MEDIUM
EPSS
51.9%
top 2.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Outlook Express
Timeline
PublishedJun 12
Latest updateMay 1

Description

A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-8mcc-528j-m5qc: A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML proto2022-05-01
CVEList
CVE-2007-2225: A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML proto2007-06-12
CVE-2007-2225 (MEDIUM CVSS 4.3) | A component in Microsoft Outlook Ex | cvebase.io