Vulnerabilities > Microsoft > Windows Mail
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-8305 | Information Exposure vulnerability in Microsoft Windows Calendar, Windows Mail and Windows People An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka "Windows Mail Client Information Disclosure Vulnerability." This affects Mail, Calendar, and People in Windows 8.1 App Store. | 4.3 |
| 2008-08-13 | CVE-2008-1448 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Outlook Express and Windows Mail The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka "URL Parsing Cross-Domain Information Disclosure Vulnerability." | 7.1 |
| 2007-10-09 | CVE-2007-3897 | Buffer Errors vulnerability in Microsoft Outlook Express and Windows Mail Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption. | 9.3 |
| 2007-06-12 | CVE-2007-2227 | Information Disclosure vulnerability in Microsoft Outlook Express and Windows Mail The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability." network microsoft | 4.3 |
| 2007-06-12 | CVE-2007-2225 | Information Disclosure vulnerability in Microsoft Outlook Express and Windows Mail A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability." network microsoft | 4.3 |