3 matches found
MS02-021: Word Mail Reply Arbitrary Script Execution (321804)
Outlook 2000 and 2002 provide the option to use Microsoft Word as the email editor when creating and editing email in RTF or HTML. There is a flaw in some versions of Word that could allow an attacker to execute arbitrary code when the user replies to a specially formed message using Word. An...
CVE-2002-1056
CVE-2002-1056 affects Outlook 2000/2002 configured to use Word as the email editor. A flaw in Word allows a crafted reply/forwarded message to execute arbitrary scripts embedded in HTML/RTF, enabling remote code execution on the user’s host. The issue stems from Outlook/Word not blocking scripts ...
CVE-2002-1056
Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format RTF, which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or...