Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Jun 16, 2026

CVE-2002-0481

Description

An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.

Affected products

Microsoft/Outlook2 versions
cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
- (no CPE)range: = 2002
Microsoft/Windows Media Playerllm-fuzzy

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/4340nvdPatchVendor Advisory
online.securityfocus.com/archive/1/263429nvdVendor Advisory
www.iss.net/security_center/static/8604.phpnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000