Cumulative Patch for Outlook Express

By TS | Thomas
Apr 23, 2003
  1. A vulnerability exists in the MHTML URL Handler that allows any file that can be rendered as text to be opened & rendered as part of a page in Internet Explorer. As a result, it would be possible to construct a URL that referred to a text file that was stored on the local computer & have that file render as HTML. If the text file contained script, that script would execute when the file was accessed. Since the file would reside on the local computer, it would be rendered in the Local Computer Security Zone. Files that are opened within the Local Computer Zone are subject to fewer restrictions than files opened in other security zones.

    Affected Software:
    Microsoft Outlook Express 5.5
    Microsoft Outlook Express 6.0

    Patch availability
    Microsoft Outlook Express
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...