CVE

Id
5368  
CVE No.
CVE-2002-0980  
Status
Candidate  
Description
The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.  
Phase
Modified (20050609)  
Votes
ACCEPT(1) Baker | MODIFY(1) Frech | NOOP(5) Armstrong, Christey, Cole, Cox, Foat | REVIEWING(1) Wall  
Comments
Christey> ADDREF MS:MS03-014  
URL:http://www.microsoft.com/technet/security/bulletin/ms03-014.asp  
(it explicitly mentions this CAN).

Note: MS03-014 places the blame on Outlook, not IE.

Frech> XF:ie-webfolder-script-injection(9881)

Christey> MS:MS03-014  
URL:http://www.microsoft.com/technet/security/bulletin/ms03-014.asp

The following Bugtraq post appears to involve a different attack vector than is currently described:

BUGTRAQ:20030225 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II  
URL:http://www.securityfocus.com/archive/1/313174

*** FROM THE CVE PERSPECTIVE, THERE IS INSUFFICIENT PUBLIC  
*** INFORMATION TO BE CERTAIN WHETHER THE ABOVE POST IS TRULY  
*** ADDRESSED BY MS:MS03-014 OR NOT. THEREFORE IT IS NOT  
*** CERTAIN WHETHER THE ABOVE REFERENCE SHOULD BE ADDED TO  
*** THIS ENTRY OR NOT.

The exploit from this Bugtraq post is being used in the "W32/Mimail@MM" mail worm of July/August 2003.

Also see: http://www.microsoft.com/security/incident/mimail.asp

Also see: http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.a@mm.html