Executive Summary

Informations
Name CVE-2004-0380 First vendor Publication 2004-05-04
Vendor Cve Last vendor Modification 2018-10-12

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0380

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-58 Restful Privilege Elevation

CWE : Common Weakness Enumeration

% Id Name

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1010
 
Oval ID: oval:org.mitre.oval:def:1010
Title: Microsoft Outlook Express v6.0,SP1 MHTML URL Processing Vulnerability
Description: The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0380
 Version: 1
Platform(s): Microsoft Windows 98
Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
 Product(s): Microsoft Outlook Express
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1028
 
Oval ID: oval:org.mitre.oval:def:1028
Title: Microsoft Outlook Express v6.0 for Server 2003 MHTML URL Processing Vulnerability
Description: The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0380
 Version: 2
Platform(s): Microsoft Windows Server 2003
 Product(s): Microsoft Outlook Express
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:882
 
Oval ID: oval:org.mitre.oval:def:882
Title: Microsoft Outlook Express v5.5,SP2 MHTML URL Processing Vulnerability
Description: The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0380
 Version: 1
Platform(s): Microsoft Windows 98
Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000
 Product(s): Microsoft Outlook Express
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:990
 
Oval ID: oval:org.mitre.oval:def:990
Title: Microsoft Outlook Express v6.0 MHTML URL Processing Vulnerability
Description: The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0380
 Version: 4
Platform(s): Microsoft Windows XP
 Product(s): Microsoft Outlook Express
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

ExploitDB Exploits

id Description
2004-02-13 Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass Vulnerability

Open Source Vulnerability Database (OSVDB)

Id Description
5242 Microsoft IE/Outlook MHTML .chm ITS Protocol Handler Code Execution

Outlook Express contains a flaw in the handling of MHTML URLs that may allow a malicious user to execute remote code in the Local Machine security zone. The issue is triggered when OE receives a malformed CLSID parameter while parsing an MHTML URL. The ability to run remote code in the Local Machine security zone may allow a malicious user to gain control of the system, resulting in a loss of confidentiality, integrity, and/or availability.
3307 Microsoft IE showHelp() Zone Restriction Bypass

Snort® IPS/IDS

Date Description
2017-12-07 Microsoft Outlook Express mhtml code execution attempt
RuleID : 44735 - Revision : 2 - Type : SERVER-MAIL
2017-12-07 Microsoft Outlook Express mhtml code execution attempt
RuleID : 44734 - Revision : 2 - Type : SERVER-MAIL

Nessus® Vulnerability Scanner

Date Description
2004-04-13 Name : Arbitrary code can be executed on the remote host through the web client.
File : smb_nt_ms04-013.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/9105
http://www.securityfocus.com/bid/9658
BUGTRAQ http://www.securityfocus.com/archive/1/354447
http://www.securityfocus.com/archive/1/358913
CERT http://www.us-cert.gov/cas/techalerts/TA04-104A.html
CERT-VN http://www.kb.cert.org/vuls/id/323070
MISC http://www.k-otik.net/bugtraq/02.18.InternetExplorer.php
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04...
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECUNIA http://secunia.com/advisories/10523
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/15705

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2021-05-04 12:02:19
  • Multiple Updates
2021-04-22 01:02:28
  • Multiple Updates
2020-05-23 00:15:46
  • Multiple Updates
2018-10-13 00:22:29
  • Multiple Updates
2018-05-03 09:19:26
  • Multiple Updates
2017-07-11 12:01:26
  • Multiple Updates
2016-04-26 12:49:23
  • Multiple Updates
2014-02-17 10:27:26
  • Multiple Updates
2013-05-11 11:41:25
  • Multiple Updates