Vigil@nce: Outlook Express and Windows Mail, sensitive information recovery
August 2008 by Vigil@nce
SYNTHESIS
A remote attacker can recover information with victim’s privileges.
Gravity: 2/4
Consequences: data reading
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 13/08/2008
Identifier: VIGILANCE-VUL-8025
IMPACTED PRODUCTS
– Microsoft Windows 2000 [confidential versions]
– Microsoft Windows 2003 [confidential versions]
– Microsoft Windows 2008
– Microsoft Windows Vista [confidential versions]
– Microsoft Windows XP [confidential versions]
DESCRIPTION
MHTML format can save in a single file: a html file with pictures
and others elements constituting the webpage.
Windows Mail and Outlook Express softwares do not correctly
manage the loading of these kind of files, indeed MHTML protocol
handler does not correctly interprets HTML headers.
A malicious file can therefore use this vulnerability to recover
information with user rights.
CHARACTERISTICS
Identifiers: 951066, CVE-2008-1448, MS08-048, VIGILANCE-VUL-8025