Lucene search

[email protected]CVE-2002-2100

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2100

2022-10-0316:23:49

[email protected]

web.nvd.nist.gov

microsoft outlook

2002

attachment download

bypass

html

iframe

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.9%

JSON

Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content.

Affected configurations

NVD

Node

microsoftoutlookMatch2000

microsoftoutlookMatch2002

CPENameOperatorVersion
microsoft:outlookmicrosoft outlookeq2000
microsoft:outlookmicrosoft outlookeq2002

CPE	Name	Operator	Version
microsoft:outlook	microsoft outlook	eq	2000
microsoft:outlook	microsoft outlook	eq	2002

References

archives.neohapsis.com/archives/bugtraq/2002-03/0267.html

www.iss.net/security_center/static/8611.php

www.securityfocus.com/bid/4334

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.9%

JSON

Related for CVE-2002-2100

cvelist1 nvd1