{"api_version":"1","generated_at":"2026-04-23T15:08:18+00:00","cve":"CVE-2008-1448","urls":{"html":"https://cve.report/CVE-2008-1448","api":"https://cve.report/api/cve/CVE-2008-1448.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2008-1448","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2008-1448"},"summary":{"title":"CVE-2008-1448","description":"The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka \"URL Parsing Cross-Domain Information Disclosure Vulnerability.\"","state":"PUBLISHED","assigner":"microsoft","published_at":"2008-08-13 00:41:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.1","severity":"","vector":"AV:N/AC:M/Au:N/C:C/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:N/A:N","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.securityfocus.com/archive/1/495458/100/0/threaded","name":"http://www.securityfocus.com/archive/1/495458/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/30585","name":"http://www.securityfocus.com/bid/30585","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Microsoft Outlook Express And Windows Mail MHTML Handler Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://marc.info/?l=bugtraq&m=121915960406986&w=2","name":"http://marc.info/?l=bugtraq&m=121915960406986&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2008/2352","name":"http://www.vupen.com/english/advisories/2008/2352","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.us-cert.gov/cas/techalerts/TA08-225A.html","name":"http://www.us-cert.gov/cas/techalerts/TA08-225A.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"],"title":"US-CERT Technical Cyber Security Alert TA08-225A -- Microsoft Updates for Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/31415","name":"http://secunia.com/advisories/31415","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Internet Explorer MHTML Protocol Handler Cross-Domain Information Disclosure - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5886","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5886","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1020680","name":"http://www.securitytracker.com/id?1020680","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Windows Mail MTHML Redirect Bug Lets Remote Users Obtain Information","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1020679","name":"http://www.securitytracker.com/id?1020679","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Microsoft Outlook Express MTHML Redirect Bug Lets Remote Users Obtain Information","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.coresecurity.com/content/internet-explorer-zone-elevation","name":"http://www.coresecurity.com/content/internet-explorer-zone-elevation","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-048","name":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-048","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Microsoft Security Bulletin MS08-048 - Important | Microsoft Docs","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2008-1448","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1448","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2008","cve_id":"1448","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"outlook_express","cpe6":"5.5","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"1448","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"outlook_express","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"1448","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"outlook_express","cpe6":"6.0","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"1448","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"windows_mail","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T08:24:41.805Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1020679","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1020679"},{"name":"30585","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/30585"},{"name":"TA08-225A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"http://www.us-cert.gov/cas/techalerts/TA08-225A.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.coresecurity.com/content/internet-explorer-zone-elevation"},{"name":"MS08-048","tags":["vendor-advisory","x_refsource_MS","x_transferred"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-048"},{"name":"1020680","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1020680"},{"name":"HPSBST02360","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=121915960406986&w=2"},{"name":"SSRT080117","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=121915960406986&w=2"},{"name":"20080813 CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/495458/100/0/threaded"},{"name":"31415","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/31415"},{"name":"ADV-2008-2352","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/2352"},{"name":"oval:org.mitre.oval:def:5886","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5886"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-08-12T00:00:00.000Z","descriptions":[{"lang":"en","value":"The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka \"URL Parsing Cross-Domain Information Disclosure Vulnerability.\""}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-12T19:57:01.000Z","orgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","shortName":"microsoft"},"references":[{"name":"1020679","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1020679"},{"name":"30585","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/30585"},{"name":"TA08-225A","tags":["third-party-advisory","x_refsource_CERT"],"url":"http://www.us-cert.gov/cas/techalerts/TA08-225A.html"},{"tags":["x_refsource_MISC"],"url":"http://www.coresecurity.com/content/internet-explorer-zone-elevation"},{"name":"MS08-048","tags":["vendor-advisory","x_refsource_MS"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-048"},{"name":"1020680","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1020680"},{"name":"HPSBST02360","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=121915960406986&w=2"},{"name":"SSRT080117","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=121915960406986&w=2"},{"name":"20080813 CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/495458/100/0/threaded"},{"name":"31415","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/31415"},{"name":"ADV-2008-2352","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/2352"},{"name":"oval:org.mitre.oval:def:5886","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5886"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secure@microsoft.com","ID":"CVE-2008-1448","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka \"URL Parsing Cross-Domain Information Disclosure Vulnerability.\""}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1020679","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1020679"},{"name":"30585","refsource":"BID","url":"http://www.securityfocus.com/bid/30585"},{"name":"TA08-225A","refsource":"CERT","url":"http://www.us-cert.gov/cas/techalerts/TA08-225A.html"},{"name":"http://www.coresecurity.com/content/internet-explorer-zone-elevation","refsource":"MISC","url":"http://www.coresecurity.com/content/internet-explorer-zone-elevation"},{"name":"MS08-048","refsource":"MS","url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-048"},{"name":"1020680","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1020680"},{"name":"HPSBST02360","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=121915960406986&w=2"},{"name":"SSRT080117","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=121915960406986&w=2"},{"name":"20080813 CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/495458/100/0/threaded"},{"name":"31415","refsource":"SECUNIA","url":"http://secunia.com/advisories/31415"},{"name":"ADV-2008-2352","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/2352"},{"name":"oval:org.mitre.oval:def:5886","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5886"}]}}}},"cveMetadata":{"assignerOrgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","assignerShortName":"microsoft","cveId":"CVE-2008-1448","datePublished":"2008-08-13T00:00:00.000Z","dateReserved":"2008-03-21T00:00:00.000Z","dateUpdated":"2024-08-07T08:24:41.805Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2008-08-13 00:41:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:N/A:N","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:outlook_express:5.5:sp2:*:*:*:*:*:*","matchCriteriaId":"589E5F7F-5429-4050-8C0D-F7F8D18DEB3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*","matchCriteriaId":"85FD3557-956D-4A96-8AA5-5FD9DB87FD11"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:outlook_express:6.0:sp1:*:*:*:*:*:*","matchCriteriaId":"D45F2775-A10B-4834-A2EF-7498EEAB155D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:windows_mail:*:*:*:*:*:*:*:*","matchCriteriaId":"0BDD015F-267D-4E33-885B-6A14F493CCC5"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2008","CveId":"1448","Ordinal":"1","Title":"CVE-2008-1448","CVE":"CVE-2008-1448","Year":"2008"},"notes":[{"CveYear":"2008","CveId":"1448","Ordinal":"1","NoteData":"The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka \"URL Parsing Cross-Domain Information Disclosure Vulnerability.\"","Type":"Description","Title":"CVE-2008-1448"},{"CveYear":"2008","CveId":"1448","Ordinal":"2","NoteData":"2008-08-12","Type":"Other","Title":"Published"},{"CveYear":"2008","CveId":"1448","Ordinal":"3","NoteData":"2018-10-12","Type":"Other","Title":"Modified"}]}}}