Microsoft : Security Vulnerabilities, CVEs, Published In May 2002 (Code Execution)
Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.
Max CVSS
7.5
EPSS Score
6.06%
Published
2002-05-29
Updated
2021-07-23
Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability.
Max CVSS
7.5
EPSS Score
4.91%
Published
2002-05-29
Updated
2021-07-23
Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the second variant of the "Content Disposition" vulnerability.
Max CVSS
7.5
EPSS Score
3.93%
Published
2002-05-29
Updated
2021-07-23
Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.
Max CVSS
7.5
EPSS Score
5.50%
Published
2002-05-29
Updated
2018-10-12
Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.
Max CVSS
7.5
EPSS Score
6.42%
Published
2002-05-16
Updated
2018-10-12
5 vulnerabilities found