CVE-2002-0980

Internet Explorer 5.5-6.0 - Remote Code Execution via Web Folder Error Message Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0980. PoCs published by http-equiv.

AI-analyzed exploit summary This exploit leverages a vulnerability in Microsoft Outlook Express's MHTML URL handler to execute arbitrary script code in the Local Computer Zone by rendering a malicious .txt file. The PoC demonstrates script execution via an onload event and file navigation.

Description

The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.

Exploits (1)

exploitdb WORKING POC VERIFIED

by http-equiv · htmlremotewindows

https://www.exploit-db.com/exploits/21711

View Code ZIP pw:eip

This exploit leverages a vulnerability in Microsoft Outlook Express's MHTML URL handler to execute arbitrary script code in the Local Computer Zone by rendering a malicious .txt file. The PoC demonstrates script execution via an onload event and file navigation.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Outlook Express (versions affected by CVE-2002-0980)

No auth needed

Prerequisites: Victim must open a malicious MHTML file or navigate to a crafted URL

MITRE ATT&CK