7.5

CVE-2002-0193

EPSS 45.78%
Veröffentlicht 29.05.2002 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version5.0.1

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp1

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp2

Microsoft ≫ Internet Explorer Version6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	45.78%	0.975

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023

http://www.securityfocus.com/bid/4752

https://exchange.xforce.ibmcloud.com/vulnerabilities/9085

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A27

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A99

https://nvd.nist.gov/vuln/detail/CVE-2002-0193

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0193

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0193

EUVD