Vulnerability Name:

CVE-2007-2227 (CCN-34623)

Assigned:2007-06-12
Published:2007-06-12
Updated:2018-10-16
Summary:The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability."
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Obtain Information
References:Source: MISC
Type: UNKNOWN
http://archive.openmya.devnull.jp/2007.06/msg00060.html

Source: MITRE
Type: CNA
CVE-2007-2227

Source: MISC
Type: UNKNOWN
http://openmya.hacker.jp/hasegawa/security/ms07-034.txt

Source: OSVDB
Type: UNKNOWN
35346

Source: CCN
Type: SA25639
Microsoft Outlook Express and Windows Mail Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
25639

Source: CCN
Type: SECTRACK ID: 1018233
Outlook Express MHTML Protocol Handler Content-Disposition Bug Lets Remote Users Obtain Information

Source: CCN
Type: SECTRACK ID: 1018234
Windows Mail MHTML Protocol Handler Content-Disposition Bug Lets Remote Users Obtain Information

Source: CCN
Type: ASA-2007-256
MS07-034 Cumulative Security Update for Outlook Express and Windows Mail (929123)

Source: CCN
Type: Microsoft Security Bulletin MS07-034
Cumulative Security Update for Outlook Express and Windows Mail (929123)

Source: CCN
Type: OSVDB ID: 35346
Microsoft Outlook Express / Windows Mail MHTML Content Disposition Parsing Cross Domain Information Disclosure

Source: HP
Type: UNKNOWN
SSRT071438

Source: BUGTRAQ
Type: UNKNOWN
20070622 MS07-034: Executing arbitrary script with mhtml: protocol handler

Source: BID
Type: UNKNOWN
24410

Source: CCN
Type: BID-24410
Microsoft Outlook Express Content Disposition Parsing Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018233

Source: SECTRACK
Type: UNKNOWN
1018234

Source: CERT
Type: US Government Resource
TA07-163A

Source: VUPEN
Type: UNKNOWN
ADV-2007-2154

Source: MS
Type: UNKNOWN
MS07-034

Source: XF
Type: UNKNOWN
win-mhtml-cd-information-disclosure(34623)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2085

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:professional_x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
  • AND
  • cpe:/a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
  • AND
  • cpe:/a:microsoft:windows_mail:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:windows_mail:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:*:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:2085
    V
    		Content Disposition Parsing Cross Domain Information Disclosure Vulnerability
    2012-09-10
    BACK
    microsoft windows 2003 server *
    microsoft windows 2003 server * sp2
    microsoft windows 2003 server sp1
    microsoft windows 2003 server sp1
    microsoft windows 2003 server sp2
    microsoft windows xp *
    microsoft windows xp * sp2
    microsoft windows xp * sp2
    microsoft outlook express 6.0
    microsoft windows vista * gold
    microsoft windows vista * gold
    microsoft windows mail *
    microsoft outlook express 6.0
    microsoft windows 2003_server
    microsoft windows xp sp2
    microsoft windows 2003_server sp1
    microsoft windows 2003_server sp1_itanium
    microsoft windows vista *
    microsoft windows mail *
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows vista -
    microsoft windows xp sp2