Vulnerabilities > CVE-2004-0380 - Unspecified vulnerability in Microsoft Outlook Express 5.5/6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
description Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass Vulnerability. CVE-2004-0380. Remote exploit for windows platform id EDB-ID:23695 last seen 2016-02-02 modified 2004-02-13 published 2004-02-13 reporter anonymous source https://www.exploit-db.com/download/23695/ title Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass Vulnerability description Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability (2). CVE-2004-0380. Remote exploit for windows platform id EDB-ID:23401 last seen 2016-02-02 modified 2003-11-25 published 2003-11-25 reporter Liu Die Yu source https://www.exploit-db.com/download/23401/ title Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability 2 description Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability (1). CVE-2004-0380. Remote exploit for windows platform id EDB-ID:23400 last seen 2016-02-02 modified 2003-11-25 published 2003-11-25 reporter Liu Die source https://www.exploit-db.com/download/23400/ title Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability 1
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS04-013.NASL |
| description | The remote host has a version of Outlook Express that has a bug in its MHTML URL processor that could allow an attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to send a malformed email to a user of this host using Outlook, or would need to lure him into visiting a rogue website. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 12208 |
| published | 2004-04-13 |
| reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/12208 |
| title | MS04-013: Cumulative Update for Outlook Express (837009) |
Oval
accepted 2004-05-25T12:00:00.000-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation description The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." family windows id oval:org.mitre.oval:def:1010 status accepted submitted 2004-04-13T12:00:00.000-04:00 title Microsoft Outlook Express v6.0,SP1 MHTML URL Processing Vulnerability version 64 accepted 2005-10-19T05:47:00.000-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation
description The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." family windows id oval:org.mitre.oval:def:1028 status accepted submitted 2004-04-13T12:00:00.000-04:00 title Microsoft Outlook Express v6.0 for Server 2003 MHTML URL Processing Vulnerability version 66 accepted 2004-05-25T12:00:00.000-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation description The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." family windows id oval:org.mitre.oval:def:882 status accepted submitted 2004-04-13T12:00:00.000-04:00 title Microsoft Outlook Express v5.5,SP2 MHTML URL Processing Vulnerability version 64 accepted 2015-08-10T04:01:13.091-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
definition_extensions comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed oval oval:org.mitre.oval:def:208 description The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." family windows id oval:org.mitre.oval:def:990 status accepted submitted 2004-04-13T12:00:00.000-04:00 title Microsoft Outlook Express v6.0 MHTML URL Processing Vulnerability version 67
References
- http://secunia.com/advisories/10523
- http://www.kb.cert.org/vuls/id/323070
- http://www.k-otik.net/bugtraq/02.18.InternetExplorer.php
- http://www.securityfocus.com/archive/1/354447
- http://www.securityfocus.com/archive/1/358913
- http://www.securityfocus.com/bid/9105
- http://www.securityfocus.com/bid/9658
- http://www.us-cert.gov/cas/techalerts/TA04-104A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-013
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15705
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1010
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1028
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A882
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A990