Back to search
CVE-2002-0481
Published: Jun 11, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20020321 How Outlook 2002 can still execute JavaScript in an HTML email message
mailing-list
x_refsource_BUGTRAQ
4340
vdb-entry
x_refsource_BID
outlook-iframe-javascript(8604)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now