Vulnerability Details : CVE-2011-0096

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability."

Vulnerability category: Cross site scripting (XSS)

Published 2011-01-31 20:00:49

Updated 2019-02-26 14:04:01

Source Microsoft Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2011-0096

Probability of exploitation activity in the next 30 days: 97.24%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2011-0096

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	nvd@nist.gov
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2011-0096

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-0096

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-026

Microsoft Security Bulletin MS11-026 - Important | Microsoft Docs
http://www.securitytracker.com/id?1025003

Microsoft MHTML Input Validation Hole May Permit Cross-Site Scripting Attacks - SecurityTracker
http://www.us-cert.gov/cas/techalerts/TA11-102A.html

Microsoft Updates for Multiple Vulnerabilities | CISA
US Government Resource

CVEs referencing this url
http://www.kb.cert.org/vuls/id/326549

VU#326549 - Microsoft Windows MHTML script injection vulnerability
US Government Resource
http://www.microsoft.com/technet/security/advisory/2501696.mspx

Technical documentation, API, and code examples | Microsoft Docs
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0242

Webmail | OVH- OVH
Vendor Advisory
http://blogs.technet.com/b/srd/archive/2011/01/28/more-information-about-the-mhtml-script-injection-vulnerability.aspx

More information about the MHTML Script Injection vulnerability – Microsoft Security Response Center
http://www.80vul.com/webzine_0x05/0x05%20IE%E4%B8%8BMHTML%E5%8D%8F%E8%AE%AE%E5%B8%A6%E6%9D%A5%E7%9A%84%E8%B7%A8%E5%9F%9F%E5%8D%B1%E5%AE%B3.html

80vul.com
Exploit
http://blogs.technet.com/b/msrc/archive/2011/01/28/microsoft-releases-security-advisory-2501696.aspx

Microsoft releases Security Advisory 2501696 – Microsoft Security Response Center
http://www.exploit-db.com/exploits/16071

Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting - Windows local Exploit
Exploit
http://www.securityfocus.com/bid/46055

Microsoft Windows MHTML Script Code Injection Vulnerability
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6956

Repository / Oval Repository
https://exchange.xforce.ibmcloud.com/vulnerabilities/65000

Microsoft Windows MHTML information disclosure CVE-2011-0096 Vulnerability Report

Products affected by CVE-2011-0096

Microsoft » Windows Xp » Update SP2 X64 Edition
cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Update SP3
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2003 Server » Update SP2
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2003 Server » Update SP2 Itanium Edition
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2003 » Update SP2
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows Vista » Update SP1 X64 Edition
cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
Matching versions
Microsoft » Windows Vista » Update SP2
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows Vista » Update SP2 X64 Edition
cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
Matching versions
Microsoft » Windows Vista » Update SP1
cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Update SP2 X64 Edition
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Update SP2 X32 Edition
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » X32 Edition
cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » X64 Edition
cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Itanium Edition
cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Version: N/A Update SP2 Itanium Edition
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 X64 Edition
cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 Itanium Edition
cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*
Matching versions
Microsoft » Windows 7 » Version: N/A
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
Matching versions