CVE-2002-1056

Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:outlook:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2000:sr1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2000:sr1a:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*

History

20 Nov 2024, 23:40

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=101760380418890&w=2 - () http://marc.info/?l=bugtraq&m=101760380418890&w=2 -
References () http://online.securityfocus.com/archive/1/265621 - () http://online.securityfocus.com/archive/1/265621 -
References () http://www.iss.net/security_center/static/8708.php - () http://www.iss.net/security_center/static/8708.php -
References () http://www.securityfocus.com/bid/4397 - () http://www.securityfocus.com/bid/4397 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429 -

Information

Published : 2002-05-16 04:00

Updated : 2024-11-20 23:40


NVD link : CVE-2002-1056

Mitre link : CVE-2002-1056

CVE.ORG link : CVE-2002-1056


JSON object : View

Products Affected

microsoft

  • outlook
  • word