CVE-2002-1056
First published: Thu May 16 2002(Updated: )
Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Outlook | =2000 | |
| Microsoft Word | =2000 | |
| Microsoft Word | =2000-sr1a | |
| Microsoft Word | =2002 | |
| Microsoft Outlook | =2002 | |
| Microsoft Word | =2000-sr1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://online.securityfocus.com/archive/1/265621
- http://www.securityfocus.com/bid/4397
- http://www.iss.net/security_center/static/8708.php
- http://marc.info/?l=bugtraq&m=101760380418890&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- agent/tags
- agent/author
- agent/event
- vendor/microsoft
- canonical/microsoft outlook
- version/microsoft outlook/2000
- canonical/microsoft word
- version/microsoft word/2000
- version/microsoft word/2000-sr1a
- version/microsoft word/2002
- version/microsoft outlook/2002
- version/microsoft word/2000-sr1