| Vulnerability Name: | CVE-2002-0647 (CCN-9935) | ||||||||
| Assigned: | 2002-08-22 | ||||||||
| Published: | 2002-08-22 | ||||||||
| Updated: | 2021-07-23 | ||||||||
| Summary: | Buffer overflow in a legacy ActiveX control used to display specially formatted text in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code, aka "Buffer Overrun in Legacy Text Formatting ActiveX Control". | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2002-0647 Source: CCN Type: CIAC Information Bulletin M-116 Microsoft Cumulative Patch for Internet Explorer Source: XF Type: UNKNOWN ms-legacytext-activex-bo(9935) Source: CCN Type: Microsoft Security Bulletin MS02-047 Cumulative Patch for Internet Explorer (Q323759) Source: CCN Type: Microsoft Security Bulletin MS02-066 Cumulative Patch for Internet Explorer (Q328970) Source: CCN Type: Microsoft Security Bulletin MS02-068 Cumulative Patch for Internet Explorer (324929) Source: CCN Type: Microsoft Security Bulletin MS03-004 Cumulative Patch for Internet Explorer (810847) Source: CCN Type: Microsoft Security Bulletin MS03-015 Cumulative Patch for Internet Explorer (813489) Source: CCN Type: Microsoft Security Bulletin MS03-020 Cumulative Patch for Internet Explorer (818529) Source: CCN Type: Microsoft Security Bulletin MS03-032 Cumulative Patch for Internet Explorer (822925) Source: CCN Type: Microsoft Security Bulletin MS03-040 Cumulative Patch for Internet Explorer (828750) Source: CCN Type: Microsoft Security Bulletin MS03-048 Cumulative Security Update for Internet Explorer (824145) Source: CCN Type: Microsoft Security Bulletin MS04-004 Cumulative Security Update for Internet Explorer (832894) Source: CCN Type: Microsoft Security Bulletin MS04-025 Cumulative Security Update for Internet Explorer (867801) Source: CCN Type: Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer (834707) Source: CCN Type: Microsoft Security Bulletin MS04-040 Cumulative Security Update for Internet Explorer (889293) Source: CCN Type: Microsoft Security Bulletin MS05-014 Cumulative Security Update for Internet Explorer (867282) Source: CCN Type: Microsoft Security Bulletin MS05-020 Cumulative Security Update for Internet Explorer (890923) Source: CCN Type: Microsoft Security Bulletin MS05-025 Cumulative Security Update for Internet Explorer (883939) Source: CCN Type: Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer (896727) Source: CCN Type: Microsoft Security Bulletin MS05-052 Cumulative Security Update for Internet Explorer (896688) Source: CCN Type: Microsoft Security Bulletin MS05-054 Cumulative Security Update for Internet Explorer (905915) Source: CCN Type: Microsoft Security Bulletin MS06-004 Cumulative Security Update for Internet Explorer (910620) Source: CCN Type: Microsoft Security Bulletin MS06-013 Cumulative Security Update for Internet Explorer (912812) Source: CCN Type: Microsoft Security Bulletin MS06-021 Cumulative Security Update for Internet Explorer (916281) Source: CCN Type: Microsoft Security Bulletin MS06-042 Cumulative Security Update for Internet Explorer (918899) Source: CCN Type: Microsoft Security Bulletin MS06-067 Cumulative Security Update for Internet Explorer (922760) Source: CCN Type: Microsoft Security Bulletin MS06-072 Cumulative Security Update for Internet Explorer (925454) Source: CCN Type: Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer (928090) Source: CCN Type: Microsoft Security Bulletin MS07-027 Cumulative Security Update for Internet Explorer (931768) Source: CCN Type: Microsoft Security Bulletin MS07-033 Cumulative Security Update for Internet Explorer (933566) Source: CCN Type: Microsoft Security Bulletin MS07-045 Cumulative Security Update for Internet Explorer (937143) Source: CCN Type: Microsoft Security Bulletin MS07-057 Cumulative Security Update for Internet Explorer (939653) Source: CCN Type: Microsoft Security Bulletin MS07-069 Cumulative Security Update for Internet Explorer (942615) Source: CCN Type: Microsoft Security Bulletin MS08-010 Cumulative Security Update for Internet Explorer (944533) Source: CCN Type: Microsoft Security Bulletin MS08-024 Cumulative Security Update for Internet Explorer (947864) Source: CCN Type: Microsoft Security Bulletin MS08-031 Cumulative Security Update for Internet Explorer (950759) Source: CCN Type: Microsoft Security Bulletin MS08-045 Cumulative Security Update for Internet Explorer (953838) Source: CCN Type: Microsoft Security Bulletin MS08-058 Cumulative Security Update for Internet Explorer (956390) Source: CCN Type: NGSSoftware Insight Security Research Advisory #NISR26082002 Microsoft Internet Explorer BufferOverrun Source: CCN Type: OSVDB ID: 5152 Microsoft Legacy Text Formatting ActiveX Control Overflow Source: BID Type: UNKNOWN 5558 Source: CCN Type: BID-5558 Microsoft Internet Explorer Legacy Text Formatting ActiveX Component Buffer Overflow Vulnerability Source: MS Type: UNKNOWN MS02-047 Source: XF Type: UNKNOWN ms-legacytext-activex-bo(9935) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||