MS KB2501696: Vulnerability in MHTML Could Allow Information Disclosure

Medium Nessus Plugin ID 51837


The remote Windows host is affected by an information disclosure vulnerability.


A flaw exists in the way MHTML interprets MIME-formatted requests for content blocks within a document. An attacker, exploiting this flaw, could cause a victim to run malicious scripts when visiting various websites, resulting in information disclosure.


Consider applying the workaround provided by Microsoft.

Note, though, that applying the workaround may lead to some websites working incorrectly.

See Also

Plugin Details

Severity: Medium

ID: 51837

File Name: smb_kb2501696.nasl

Version: $Revision: 1.9 $

Type: local

Agent: windows

Family: Windows

Published: 2011/02/01

Modified: 2017/08/30

Dependencies: 13855

Risk Information

Risk Factor: Medium


Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated, SMB/WindowsVersion

Reference Information

CVE: CVE-2011-0096

BID: 46055

OSVDB: 70693

Secunia: 43093

MSKB: 2501696