Code Execution Vulnerability in Microsoft Windows Products
CVE-2002-0694
Currently unrated
Key Information:
- Vendor
- Microsoft
- Vendor
- CVE Published:
- 10 October 2002
Summary
The HTML Help facility in various Microsoft Windows versions utilizes the Local Computer Security Zone when accessing .chm files stored in the Temporary Internet Files folder. This design flaw enables remote attackers to execute arbitrary code through HTML emails that reference or embed a malicious .chm file containing executable shortcuts. Proper updates and security measures should be implemented to mitigate the risk associated with this vulnerability.
References
EPSS Score
21% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved