Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-1056 | First vendor Publication | 2002-05-16 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1056 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:205 | |||
Oval ID: | oval:org.mitre.oval:def:205 | ||
Title: | MS Outlook (Word 2000) RTF/HTML Script Execution Vulnerability | ||
Description: | Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2002-1056 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Word 2000 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:429 | |||
Oval ID: | oval:org.mitre.oval:def:429 | ||
Title: | MS Outlook (Word 2002) RTF/HTML Script Execution Vulnerability | ||
Description: | Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2002-1056 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 4 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
2061 | Microsoft Outlook HTML Mail Script Execution Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2003-03-06 | Name : Arbitrary code can be executed on the remote host through Word. File : smb_nt_ms02-021.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:45 |
|
2021-04-22 01:01:53 |
|
2020-05-23 00:15:04 |
|
2018-10-13 00:22:26 |
|
2017-10-10 09:23:24 |
|
2016-10-18 12:01:03 |
|
2016-04-26 12:15:17 |
|
2014-02-17 10:25:01 |
|
2013-05-11 12:11:41 |
|