Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2002-0694
HistoryOct 10, 2002 - 4:00 a.m.

CVE-2002-0694

2002-10-1004:00:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
26
html help
microsoft windows
code execution
.chm files
remote attack

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.04 Low

EPSS

Percentile

92.0%

JSON

The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka “Code Execution via Compiled HTML Help File.”

Related

cvelist 1
openvas 2
nessus 1
cvelist
cvelist
CVE-2002-0694
2004-09-01 04:00:00
openvas
openvas
Unchecked Buffer in Windows Help (Q323255)
2005-11-03 00:00:00
Unchecked Buffer in Windows Help(Q323255)
2005-11-03 00:00:00
nessus
nessus
MS02-055: Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)
2002-10-24 00:00:00

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.04 Low

EPSS

Percentile

92.0%

JSON
Related for CVE-2002-0694
cvelist1openvas2nessus1