MS11-026: Vulnerability in MHTML Could Allow Information Disclosure (2503658)
Medium Nessus Plugin ID 53383
SynopsisThe remote Windows host is affected by an information disclosure vulnerability.
DescriptionA flaw exists in the way MHTML interprets MIME-formatted requests for content blocks within a document. An attacker, exploiting this flaw, could cause a victim to run malicious scripts when visiting various web sites, resulting in information disclosure.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.