VDB
GCVE-110-CERTCC-2004-323070
GCVE-110-CERTCC-2004-323070
Advisory Published
The Outlook Express MIME Encapsulation of Aggregate HTML Documents (MHTML) protocol handler does not adequately validate the source of alternate content. An attacker could exploit this vulnerability to access data and execute script in different security domains. By causing script to be run in the Local Machine Zone, the attacker could execute arbitrary code with the privileges of the user running the program that invoked the handler, typically Internet Explorer (IE).
Risk Scores
certcc-cam
certcc-cam
impact15population20exploitation20widely_known20score_current76.5ease_of_exploitation16
Aliases
References
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Outlook Express MHTML protocol handler does not properly validate source of alternate content
advisory
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.