CVE-2002-0193

Published: May 29, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.

Affected (4)

Products: Microsoft: Internet Explorer

1 product

Internet Explorer

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.0.1
Microsoft Internet Explorer	Version 5.0.1 sp1
Microsoft Internet Explorer	Version 5.0.1 sp2
Microsoft Internet Explorer	Version 6.0

References (10)

http://www.securityfocus.com/bid/4752

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/9085

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A27

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A99

Source: cve@mitre.org

http://www.securityfocus.com/bid/4752

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/9085

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A27

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A99

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.