First published: Tue Jun 11 2002(Updated: )
An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Outlook | =2002 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2002-0481 is considered a medium severity vulnerability as it allows remote attackers to execute scripts on a user's system.
To mitigate CVE-2002-0481, update Microsoft Outlook 2002 to the latest service pack or apply the relevant security patches.
CVE-2002-0481 specifically affects Microsoft Outlook version 2002.
Yes, CVE-2002-0481 can allow remote attackers to execute Javascript, potentially leading to malicious code execution.
Yes, CVE-2002-0481 exploits a vulnerability in Outlook's email handling that bypasses standard security settings.