New Search

MS Outlook (Word 2002) RTF/HTML Script Execution Vulnerability

oval:org.mitre.oval:def:429

Microsoft Outlook 2000 and 2002 when configured to use Microsoft Word as the email editor does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF) which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2002-1056
Product(s):
  • Microsoft Word 2002