An information disclosure vulnerability is present in MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008, SP2, and Windows 7ID: oval:org.secpod.oval:def:1168 | Date: (C)2011-05-25 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP1 or SP2, Windows Server 2008 and SP2 or Windows 7 and is prone to an information disclosure vulnerability. A flaw is present in the MHTML implementation which fails to open a specially crafted URL. Successful exploitation allows remote attackers to inject a client-side script into the user's instance of Internet Explorer and could spoof content, disclose information, or take any action that the user could take on a web site.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |