Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Entourage | Microsoft | 2001 (including) | 2001 (including) |
| Entourage | Microsoft | v._x (including) | v._x (including) |
| Excel | Microsoft | 2001 (including) | 2001 (including) |
| Excel | Microsoft | x (including) | x (including) |
| Ie | Microsoft | 5.1 (including) | 5.1 (including) |
| Office | Microsoft | 2001 (including) | 2001 (including) |
| Office | Microsoft | 2001-sr1 (including) | 2001-sr1 (including) |
| Office | Microsoft | v.x (including) | v.x (including) |
| Outlook_express | Microsoft | 5.0 (including) | 5.0 (including) |
| Outlook_express | Microsoft | 5.0.1 (including) | 5.0.1 (including) |
| Outlook_express | Microsoft | 5.0.2 (including) | 5.0.2 (including) |
| Outlook_express | Microsoft | 5.0.3 (including) | 5.0.3 (including) |
| Powerpoint | Microsoft | 98 (including) | 98 (including) |
| Powerpoint | Microsoft | 2001 (including) | 2001 (including) |
| Powerpoint | Microsoft | v.x (including) | v.x (including) |
References
- http://marc.info/?l=bugtraq\u0026m=101897994314015\u0026w=2
- http://www.iss.net/security_center/static/8850.php
- http://www.osvdb.org/5357
- http://www.securityfocus.com/bid/4517
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-019
- http://marc.info/?l=bugtraq\u0026m=101897994314015\u0026w=2
- http://www.iss.net/security_center/static/8850.php
- http://www.osvdb.org/5357
- http://www.securityfocus.com/bid/4517
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-019