CVE-2002-0152

Description

Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.

Affected products

• Microsoft / entourage2001 – 2001
• Microsoft / entouragev._x – v._x
• Microsoft / Excel2001 – 2001
• Microsoft / Excelx – x
• Microsoft / ie5.1 – 5.1
• Microsoft / office2001 – 2001
• Microsoft / office2001 – 2001
• Microsoft / officev.x – v.x
• Microsoft / outlook_express5.0 – 5.0
• Microsoft / outlook_express5.0.1 – 5.0.1
• Microsoft / outlook_express5.0.2 – 5.0.2
• Microsoft / outlook_express5.0.3 – 5.0.3
• Microsoft / PowerPoint98 – 98
• Microsoft / PowerPoint2001 – 2001
• Microsoft / PowerPointv.x – v.x

References

• MAILING_LISThttp://marc.info/?l=bugtraq&m=101897994314015&w=2
• MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-019
• MISChttp://www.osvdb.org/5357
• MISChttp://www.securityfocus.com/bid/4517
• MISChttp://www.iss.net/security_center/static/8850.php