7.5

CVE-2002-1056

EPSS 16.38%
Published 16.05.2002 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Outlook Version2000

Microsoft ≫ Outlook Version2002

Microsoft ≫ Word Version2000

Microsoft ≫ Word Version2000 Updatesr1

Microsoft ≫ Word Version2000 Updatesr1a

Microsoft ≫ Word Version2002

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	16.38%	0.943

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=101760380418890&w=2

http://online.securityfocus.com/archive/1/265621

http://www.iss.net/security_center/static/8708.php

http://www.securityfocus.com/bid/4397

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429

https://nvd.nist.gov/vuln/detail/CVE-2002-1056

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-1056

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-1056

EUVD