exploitDog

CVE-2002-0481

Опубликовано: 12 авг. 2002

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.

Ссылки

http://online.securityfocus.com/archive/1/263429
Vendor Advisory
http://www.iss.net/security_center/static/8604.php
Vendor Advisory
http://www.securityfocus.com/bid/4340
Patch
Vendor Advisory
http://online.securityfocus.com/archive/1/263429
Vendor Advisory
http://www.iss.net/security_center/static/8604.php
Vendor Advisory
http://www.securityfocus.com/bid/4340
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06392

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-95hg-rr5j-v2vq

github

почти 4 года назад

An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.

EPSS

Процентиль: 91%

0.06392

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other