VDB

GCVE-110-CERTCC-2004-323070

GCVE-110-CERTCC-2004-323070
Advisory Published
Vulnetix · Advisory published November 25, 2003
The Outlook Express MIME Encapsulation of Aggregate HTML Documents (MHTML) protocol handler does not adequately validate the source of alternate content. An attacker could exploit this vulnerability to access data and execute script in different security domains. By causing script to be run in the Local Machine Zone, the attacker could execute arbitrary code with the privileges of the user running the program that invoked the handler, typically Internet Explorer (IE).

Risk Scores

certcc-cam
certcc-cam
impact15population20exploitation20widely_known20score_current76.5ease_of_exploitation16

References

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›