Unrated severityNVD Advisory· Published Mar 15, 2002· Updated Apr 16, 2026
CVE-2002-0070
CVE-2002-0070
Description
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
Affected products
5- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- marc.infonvd
- www.iss.net/security_center/static/8384.phpnvd
- www.ntbugtraq.com/default.aspnvd
- www.securityfocus.com/bid/4248nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-014nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A147nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18nvd
News mentions
0No linked articles in our index yet.