Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2002-0152

Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.

Published

2002-04-22T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application microsoft entourage 2001 Yes
Application microsoft entourage v._x Yes
Application microsoft excel 2001 Yes
Application microsoft excel x Yes
Application microsoft ie 5.1 Yes
Application microsoft office 2001 Yes
Application microsoft office 2001 Yes
Application microsoft office v.x Yes
Application microsoft outlook_express 5.0 Yes
Application microsoft outlook_express 5.0.1 Yes
Application microsoft outlook_express 5.0.2 Yes
Application microsoft outlook_express 5.0.3 Yes
Application microsoft powerpoint 98 Yes
Application microsoft powerpoint 2001 Yes
Application microsoft powerpoint v.x Yes
References