Vigil@nce: Outlook Express and Windows Mail, sensitive information recovery
August 2008 by Vigil@nce
SYNTHESIS
A remote attacker can recover information with victim’s privileges.
Gravity: 2/4
Consequences: data reading
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 13/08/2008
Identifier: VIGILANCE-VUL-8025
IMPACTED PRODUCTS
Microsoft Windows 2000 [confidential versions]
Microsoft Windows 2003 [confidential versions]
Microsoft Windows 2008
Microsoft Windows Vista [confidential versions]
Microsoft Windows XP [confidential versions]
DESCRIPTION
MHTML format can save in a single file: a html file with pictures and others elements constituting the webpage.
Windows Mail and Outlook Express softwares do not correctly manage the loading of these kind of files, indeed MHTML protocol handler does not correctly interprets HTML headers.
A malicious file can therefore use this vulnerability to recover information with user rights.
CHARACTERISTICS
Identifiers: 951066, CVE-2008-1448, MS08-048, VIGILANCE-VUL-8025
Tweeter