Test ID:	1.3.6.1.4.1.25623.1.0.11325
Category:	Windows
Title:	Word can lead to Script execution on mail reply
Summary:	NOSUMMARY
Description:	Description: Outlook 2000 and 2002 provide the option to use Microsoft Word as the e-mail editor when creating and editing e-mail in RTF or HTML. There is a flaw in some versions of Word which may allow an attacker to execute arbitrary code when the user replies to a specially formed message using Word. An attacker may use this flaw to execute arbitrary code on this host. Solution : See http://www.microsoft.com/technet/security/bulletin/ms02-021.mspx Risk factor : Medium
Cross-Ref:	BugTraq ID: 4397 Common Vulnerability Exposure (CVE) ID: CVE-2002-1056 http://www.securityfocus.com/bid/4397 Bugtraq: 20020331 More Office XP Problems (Google Search) http://marc.info/?l=bugtraq&m=101760380418890&w=2 Bugtraq: 20020403 More Office XP problems (Version 2.0) (Google Search) http://online.securityfocus.com/archive/1/265621 Microsoft Security Bulletin: MS02-021 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A205 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A429 http://www.iss.net/security_center/static/8708.php
Copyright	This script is Copyright (C) 2003 Renaud Deraison

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.