The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

security bulletin CVE-2011-1894

Windows: script execution via MHTML

Synthesis of the vulnerability

An attacker can invite the victim to click on a "mhtml:" link, in order to execute script code on his computer.
Severity of this bulletin: 2/4.
Creation date: 15/06/2011.
References for this threat: 2544893, BID-48205, CERTA-2011-AVI-345, CVE-2011-1894, MS11-037, VIGILANCE-VUL-10731.

Description of the vulnerability

RFC 2557 defines the MHTML (MIME Encapsulation of HTML) format, which is used to store an HTML document and its images in a single file. When the user clicks on a "mhtml:" URL, Internet Explorer is called.

The HTML "EMBED" element is used to insert a document (audio, video, etc.) in an HTML page. However, EMBED elements can also contain script code, which is interpreted by Internet Explorer in the wrong security context.

An attacker can therefore invite the victim to click on a "mhtml:" link, in order to execute script code on his computer.
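
A content-filter check for the link type described above, as an added example that is not part of the Vigil@nce bulletin or the Microsoft advisory: it flags URL attributes whose scheme is "mhtml:", including mixed-case, entity-encoded and whitespace-padded forms. The attribute list, function names and sample HTML are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# URL-bearing attributes to inspect (an illustrative list, not exhaustive).
URL_ATTRS = {"href", "src", "action", "data", "background"}


def url_scheme(url):
    """Lowercased scheme of a URL, or "" if it has none.

    Whitespace and control characters are dropped first because browsers
    tolerate some of them in URLs; over-matching is fine for a detector.
    """
    cleaned = "".join(ch for ch in url if ch > " " and ch != "\x7f")
    scheme, sep, _ = cleaned.partition(":")
    return scheme.lower() if sep else ""


class _Finder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser has already decoded entities such as &#109; in values.
        for name, value in attrs:
            if name in URL_ATTRS and value and url_scheme(value) == "mhtml":
                self.hits.append((tag, name, value))


def find_mhtml_links(html):
    """Return (tag, attribute, value) for each attribute using mhtml:."""
    finder = _Finder()
    finder.feed(html)
    finder.close()
    return finder.hits


# Constructed sample input: three mhtml: links in disguise, three benign URLs.
SAMPLE = """
<a href="http://intranet.example/report.html">report</a>
<a href="MHTML:http://files.example/doc.mht!part1">mixed case</a>
<a href="&#109;html:http://files.example/doc.mht!part2">entity-encoded</a>
<a href=" mh\ttml:http://files.example/doc.mht!part3">padded</a>
<img src="/static/logo.png">
<a href="/search?q=mhtml:test">scheme-like text in a query</a>
"""

if __name__ == "__main__":
    for tag, attr, value in find_mhtml_links(SAMPLE):
        print(f"{tag} {attr}={value!r}")
```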

This cybersecurity announcement impacts software or systems such as Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 7, Windows 95, Windows Vista, Windows XP.

Our Vigil@nce team determined that the severity of this threat alert is medium.

The trust level is "confirmed by the editor", and the origin is a document.

An attacker with expert ability can exploit this weakness.

Solutions for this threat

Windows: patch for MHTML.
A patch is available:
Windows XP SP3
  http://www.microsoft.com/downloads/details.aspx?familyid=CE5BC2D7-9438-4BF0-BE5E-BE9DD00C3286
Windows XP x64 SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=7B211B02-A005-46A3-AD1D-D4BAAEEC8289
Windows 2003 SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=6427EA5D-05D0-4367-805C-9CB305802B3C
Windows 2003 x64 SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=E7F65891-32C0-4817-B3B2-D8BE73145DF9
Windows 2003 Itanium SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=CA8B1D09-9F80-417B-99B1-8F86E86E1F11
Windows Vista SP1, SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=EBEA38A7-1FBE-4141-A529-52D7A7326D6A
Windows Vista x64 SP1, SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=54833350-A385-4A31-995A-9DDC38798C21
Windows Server 2008 32-bit Gold, SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=6A3BBD67-94DB-40B2-8786-CB39A493EC92
Windows Server 2008 x64 Gold, SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=4CB870F3-9878-4075-B8FD-2EE90C8E3BC8
Windows Server 2008 Itanium Gold, SP2
  http://www.microsoft.com/downloads/details.aspx?familyid=E1243011-00E6-49F2-A676-C04CB805D36A
Windows 7 for 32-bit Gold, SP1
  http://www.microsoft.com/downloads/details.aspx?familyid=C3647646-658A-423B-B0CB-BBA7613B67E7
Windows 7 for x64 Gold, SP1
  http://www.microsoft.com/downloads/details.aspx?familyid=7996511D-4B8E-49C3-A0FA-4DA907A6C947
Windows Server 2008 R2 x64 Gold, SP1
  http://www.microsoft.com/downloads/details.aspx?familyid=40354F73-4F4D-4A4A-ABAC-F8A3D4C3AE5F
Windows Server 2008 R2 Itanium Gold, SP1
  http://www.microsoft.com/downloads/details.aspx?familyid=22853823-8F63-4258-8991-1AD50E58A0D9
The Microsoft announcement indicates workarounds.
