Oval Definition:oval:org.mitre.oval:def:27
Revision Date:2014-02-24Version:50
Title:IE v5.01 Content Disposition/Type Arbitrary Code Execution
Description:Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2002-0193
Platform(s):Microsoft Windows 2000
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Internet Explorer 5.01 Installed
  • Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Service Pack 2 is installed
  • AND the version of mshtml.dll is less than 5.0.3504.2500
  • AND NOT the patch q321232 is installed (Installed Components key)
  • AND NOT the patch q323759 is installed (Installed Components key)
  • AND NOT the patch q824145 is installed (Installed Components key)
  • AND Windows 2000 Service Pack 4 (or later) is installed
  • Windows 2000 is installed
  • AND SP4 or later Installed
    • BACK