CVE-2002-0481
First published: Tue Jun 11 2002(Updated: )
An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Outlook | =2002 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-0481?
CVE-2002-0481 is considered a medium severity vulnerability as it allows remote attackers to execute scripts on a user's system.
How do I fix CVE-2002-0481?
To mitigate CVE-2002-0481, update Microsoft Outlook 2002 to the latest service pack or apply the relevant security patches.
What software is affected by CVE-2002-0481?
CVE-2002-0481 specifically affects Microsoft Outlook version 2002.
Can CVE-2002-0481 execute malicious code?
Yes, CVE-2002-0481 can allow remote attackers to execute Javascript, potentially leading to malicious code execution.
Is CVE-2002-0481 related to email security?
Yes, CVE-2002-0481 exploits a vulnerability in Outlook's email handling that bypasses standard security settings.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft outlook
- version/microsoft outlook/2002