CVE-2002-0193

Microsoft Internet Explorer 5.01-6.0 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0193. PoCs published by Jani Laatikainen.

AI-analyzed exploit summary This is a writeup describing a vulnerability in Microsoft Internet Explorer where conflicting HTTP headers (Content-Type and Content-disposition) can lead to automatic download and execution of attacker-supplied programs. The issue is exacerbated by the presence of Windows Media Player 6.4 or 7.1.

Description

Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Jani Laatikainen · textremotewindows
https://www.exploit-db.com/exploits/21452

This is a writeup describing a vulnerability in Microsoft Internet Explorer where conflicting HTTP headers (Content-Type and Content-disposition) can lead to automatic download and execution of attacker-supplied programs. The issue is exacerbated by the presence of Windows Media Player 6.4 or 7.1.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Microsoft Internet Explorer (with Windows Media Player 6.4 or 7.1)
No auth needed
Prerequisites: Victim uses Microsoft Internet Explorer · Windows Media Player 6.4 or 7.1 installed
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4752
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A99
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A27
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/9085

Scores

EPSS 0.3334
EPSS Percentile 98.2%

Details

Status published
Products (2)
microsoft/internet_explorer 5.0.1 (3 CPE variants)
microsoft/internet_explorer 6.0
Published May 29, 2002
Tracked Since Feb 18, 2026