CVE-2007-2227

3 documents3 sources
Severity
4.3MEDIUM
EPSS
52.5%
top 2.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Outlook Express
Timeline
PublishedJun 12
Latest updateMay 1

Description

The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-fpr8-hq4f-4x67: The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notification2022-05-01
CVEList
CVE-2007-2227: The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notification2007-06-12
CVE-2007-2227 (MEDIUM CVSS 4.3) | The MHTML protocol handler in Micro | cvebase.io