CVE-2004-0380 in Internet Explorerinfo

Summary

The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

04/05/2004

Disclosure

05/04/2004

Moderation

VulDB entry created

Entries

VDB-81833 (4)

CPE

ready

CWE

CWE-269 (Confirmed)

Exploit

Download

CVSS

5.3

EPSS

0.74413

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0380
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0380
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0380/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!