Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer MT-ITS协议区域绕过漏洞
Vulnerability Description
Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer在处理MS-ITS InfoTech协议URL处理时存在问题,远程攻击者可以利用这个漏洞构建恶意页面,诱使用户处理,以系统权限执行恶意代码。 此漏洞可利用MS-ITS InfoTech协议URI处理器触发,使用这个协议可迫使浏览器通过重定向一个不存在的MHTML文件(使用其他已知漏洞)转到本地电脑安全域,在这种情况下,包含的恶意内容将会以本地电脑权限执行,如恶意CHM文件
CVSS Information
N/A
Vulnerability Type
N/A