Vulnerability Details CVE-2002-0693
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.538
EPSS Ranking 97.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=103365849505409&w=2
- http://marc.info/?l=bugtraq&m=103419115517344&w=2
- http://marc.info/?l=bugtraq&m=103435279404182&w=2
- http://www.iss.net/security_center/static/10253.php
- http://www.securityfocus.com/bid/5874
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A374
- http://marc.info/?l=bugtraq&m=103365849505409&w=2
- http://marc.info/?l=bugtraq&m=103419115517344&w=2
- http://marc.info/?l=bugtraq&m=103435279404182&w=2
- http://www.iss.net/security_center/static/10253.php
- http://www.securityfocus.com/bid/5874
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A374
Products affected by CVE-2002-0693
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2000:beta3
-
cpe:2.3:o:microsoft:windows_2000_terminal_services:-
-
cpe:2.3:o:microsoft:windows_98:-
-
cpe:2.3:o:microsoft:windows_98se:-
-
cpe:2.3:o:microsoft:windows_me:-
-
cpe:2.3:o:microsoft:windows_nt:4.0
-
cpe:2.3:o:microsoft:windows_xp:-