{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-04-26T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-06-16T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "oval:org.mitre.oval:def:429", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429"}, {"name": "4397", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/4397"}, {"name": "MS02-021", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021"}, {"name": "20020331 More Office XP Problems", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101760380418890&w=2"}, {"name": "20020403 More Office XP problems (Version 2.0)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://online.securityfocus.com/archive/1/265621"}, {"name": "oval:org.mitre.oval:def:205", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205"}, {"name": "outlook-object-execute-script(8708)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/8708.php"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1056", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:429", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429"}, {"name": "4397", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4397"}, {"name": "MS02-021", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021"}, {"name": "20020331 More Office XP Problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101760380418890&w=2"}, {"name": "20020403 More Office XP problems (Version 2.0)", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/265621"}, {"name": "oval:org.mitre.oval:def:205", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205"}, {"name": "outlook-object-execute-script(8708)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8708.php"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:12:16.986Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:429", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429"}, {"name": "4397", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/4397"}, {"name": "MS02-021", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021"}, {"name": "20020331 More Office XP Problems", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=101760380418890&w=2"}, {"name": "20020403 More Office XP problems (Version 2.0)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://online.securityfocus.com/archive/1/265621"}, {"name": "oval:org.mitre.oval:def:205", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205"}, {"name": "outlook-object-execute-script(8708)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/8708.php"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1056", "datePublished": "2002-06-25T04:00:00.000Z", "dateReserved": "2002-04-26T00:00:00.000Z", "dateUpdated": "2024-08-08T03:12:16.986Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:outlook:2000:*:*:*:*:*:*:*", "matchCriteriaId": "D52F17AB-2C87-4C1A-91B5-267ABBCF5844", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*", "matchCriteriaId": "3FE6EAE0-5A8F-4A97-950B-879379A3C0F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*", "matchCriteriaId": "AEBFF713-0884-43BF-9AB8-777664FD64AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2000:sr1:*:*:*:*:*:*", "matchCriteriaId": "FEE7CC21-A458-49BB-B437-D5DF09339D83", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2000:sr1a:*:*:*:*:*:*", "matchCriteriaId": "8CFD9BC0-8755-4C3B-A198-A7F2DEFA82AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*", "matchCriteriaId": "2D90B1E1-23CD-4595-AD78-DA1758E9896D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to."}, {"lang": "es", "value": "Microsoft Outlook 2000 y 2002, cuando est\u00e1n configurados para usar Microsoft Word como editor de correo, no bloquea secuencias de comandos (scripts) en usjo mientras se editan mensajes en HTML o Formato de Texto Enriquecido (RTF), lo que podr\u00eda permitir a atacantes remotos ejecutar scripts arbitrarios mediante un correo electr\u00f3nico que el usuario reenvia o al que responde."}], "id": "CVE-2002-1056", "lastModified": "2026-04-16T00:27:16.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-05-16T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101760380418890&w=2"}, {"source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/265621"}, {"source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/8708.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/4397"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=101760380418890&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/265621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/8708.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/4397"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}