VULHUB ™

Microsoft Internet Explorer fails to perform sufficient bounds checking on .mht files. If the data encoded within the .mht file is executable or the Content-Type is not defined and has 'MZP' encoded within, a buffer will be overrun and Internet Explorer will fail. Arbitrary code execution in the security context of Internet Explorer may also be possible. Applications that rely on Internet Explorer to render HTML content, such as Outlook and Outlook Express may also be vulnerable.

Microsoft Internet Explorer fails to perform sufficient bounds checking on .mht files. If the data encoded within the .mht file is executable or the Content-Type is not defined and has 'MZP' encoded within, a buffer will be overrun and Internet Explorer will fail. Arbitrary code execution in the security context of Internet Explorer may also be possible. Applications that rely on Internet Explorer to render HTML content, such as Outlook and Outlook Express may also be vulnerable.