Description
Buffer overflow in a legacy ActiveX control used to display specially formatted text in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code, aka "Buffer Overrun in Legacy Text Formatting ActiveX Control".
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mark Litchfield · textremotewindows
https://www.exploit-db.com/exploits/21748
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5558
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9935.php
Scores
EPSS
0.1552
EPSS Percentile
94.7%
Details
Status
published
Products (3)
microsoft/internet_explorer
5.01 (3 CPE variants)
microsoft/internet_explorer
5.5 (3 CPE variants)
microsoft/internet_explorer
6.0
Published
Sep 24, 2002
Tracked Since
Feb 18, 2026