Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0193Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
45.8%
top 2.36%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedMay 29
Latest updateApr 30

Description

Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.0.1, 6.0+1

🔴Vulnerability Details

1
GHSA
GHSA-9529-88rc-3q6r: Microsoft Internet Explorer 52022-04-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5.0.1/6.0 - Content-Disposition Handling File Execution2002-05-15
CVE-2002-0193 — Microsoft vulnerability | cvebase