MS11-037: Vulnerability in MHTML Could Allow Information Disclosure (2544893)
Medium Nessus Plugin ID 55117
SynopsisThe remote Windows host is affected by an information disclosure vulnerability.
DescriptionA flaw exists in the way MHTML interprets MIME-formatted requests for content blocks within a document. By exploiting the flaw, an attacker could cause a victim to run malicious scripts when visiting various websites that could result in information disclosure.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.