Published: 24/09/2002 Updated: 23/07/2021

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote malicious users to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 5.5
microsoft internet explorer 6.0

source: wwwsecurityfocuscom/bid/5473/info Microsoft Outlook Express introduced a URL handler called MHTML (MIME Encapsulation of Aggregate HTML) This allows Internet Explorer to pass MHTML files to Outlook Express for rendering The MHTML URL handler does not validate the file type it is rendering This could allow a file type that is n ...

NVD-CWE-Other http://www.securityfocus.com/bid/5473 http://www.iss.net/security_center/static/9881.php http://marc.info/?l=ntbugtraq&m=102937705527922&w=2 http://marc.info/?l=vuln-dev&m=102943486811091&w=2 http://marc.info/?l=bugtraq&m=102942234427691&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-014 https://nvd.nist.gov https://www.exploit-db.com/exploits/21711/https://www.kb.cert.org/vuls/id/208052

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0980

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect