CVE-2002-0694
published 2002-10-10CVE-2002-0694: The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP…
PriorityP430high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
13.67%
96.0th percentile
The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_nt | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.iss.net/security_center/static/10254.phphttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403http://www.iss.net/security_center/static/10254.phphttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403
2002-10-10
Published