CVE-2002-0193

Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*

History

20 Nov 2024, 23:38

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/4752 - () http://www.securityfocus.com/bid/4752 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/9085 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/9085 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A27 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A27 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A99 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A99 -

Information

Published : 2002-05-29 04:00

Updated : 2024-11-20 23:38


NVD link : CVE-2002-0193

Mitre link : CVE-2002-0193

CVE.ORG link : CVE-2002-0193


JSON object : View

Products Affected

microsoft

  • internet_explorer