HTTP: MHTML Encoding Cross Domain Information Disclosure
This signature detects MHTML links within Web pages that use encoding to bypass domain data partitioning. Windows Internet Explorer 6 and 7 with Outlook Express and Windows Mail are affected. This vulnerability could allow an attacker to access information stored in cookies from other domains, including usernames, passwords, social security numbers, credit card numbers, and other sensitive data.
Extended Description
A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability."
References
BugTraq: 24392
CVE: CVE-2007-2225
URL: http://www.microsoft.com/technet/security/Bulletin/MS07-034.mspx
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
4.3