CVE-2002-1056
Published May 16, 2002
Last updated 6 years ago
Overview
- Description
- Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:outlook:2000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D52F17AB-2C87-4C1A-91B5-267ABBCF5844"
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FE6EAE0-5A8F-4A97-950B-879379A3C0F8"
},
{
"criteria": "cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEBFF713-0884-43BF-9AB8-777664FD64AF"
},
{
"criteria": "cpe:2.3:a:microsoft:word:2000:sr1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEE7CC21-A458-49BB-B437-D5DF09339D83"
},
{
"criteria": "cpe:2.3:a:microsoft:word:2000:sr1a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CFD9BC0-8755-4C3B-A198-A7F2DEFA82AD"
},
{
"criteria": "cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D90B1E1-23CD-4595-AD78-DA1758E9896D"
}
],
"operator": "OR"
}
]
}
]