CVE-ID

CVE-2002-0980

Description
The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20020821
Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20050609)
Votes (Legacy)
ACCEPT(1) Baker
MODIFY(1) Frech
NOOP(5) Armstrong, Christey, Cole, Cox, Foat
REVIEWING(1) Wall
Comments (Legacy)
 Christey> ADDREF MS:MS03-014
   URL:http://www.microsoft.com/technet/security/bulletin/ms03-014.asp
   (it explicitly mentions this CAN).
   
   Note: MS03-014 places the blame on Outlook, not IE.
 Frech> XF:ie-webfolder-script-injection(9881)
 Christey> MS:MS03-014
   URL:http://www.microsoft.com/technet/security/bulletin/ms03-014.asp
   
   The following Bugtraq post appears to involve a different
   attack vector than is currently described:
   
   BUGTRAQ:20030225 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
   URL:http://www.securityfocus.com/archive/1/313174
   
   *** FROM THE CVE PERSPECTIVE, THERE IS INSUFFICIENT PUBLIC
   *** INFORMATION TO BE CERTAIN WHETHER THE ABOVE POST IS TRULY
   *** ADDRESSED BY MS:MS03-014 OR NOT.  THEREFORE IT IS NOT
   *** CERTAIN WHETHER THE ABOVE REFERENCE SHOULD BE ADDED TO
   *** THIS ENTRY OR NOT.
   
   The exploit from this Bugtraq post is being used in the
   "W32/Mimail@MM" mail worm of July/August 2003.
   
   Also see: http://www.microsoft.com/security/incident/mimail.asp
   
   Also see: http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.a@mm.html

Proposed (Legacy)
20020830
This is an entry on the CVE list, which standardizes names for security problems.