CVE-2002-0152 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Entourage

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

22.6%

top 4.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Entourage Microsoft Excel Microsoft IE +3 more

Timeline

PublishedApr 22

Latest updateApr 30

Description

Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages6 packages

▶NVDmicrosoft/outlook_express4 versions+3

▶NVDmicrosoft/excel2001, x+1

▶NVDmicrosoft/entourage2001, v._x+1

▶NVDmicrosoft/powerpoint2001, 98, v.x+2

▶NVDmicrosoft/ie5.1

🔴Vulnerability Details

GHSA

GHSA-557m-3v2g-5mj5: Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code↗2022-04-30

▶

CVEList

CVE-2002-0152: Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code↗2002-06-25

▶