Vulnerabilities > CVE-2002-0152 - Buffer Overflow vulnerability in Multiple Microsoft Products for MacOS File URL

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2002-04-22

Updated: 2018-10-12

Summary

Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Entourage 2001 Microsoft Entourage V._X Microsoft Excel 2001 Microsoft Excel X Microsoft IE 5.1 Microsoft Office 2001 Microsoft Office V.X Microsoft Outlook Express 5.0 Microsoft Outlook Express 5.0.1 Microsoft Outlook Express 5.0.2 Microsoft Outlook Express 5.0.3 Microsoft Powerpoint 98 Microsoft Powerpoint 2001 Microsoft Powerpoint V.X	15

Summary

Vulnerable Configurations

References