CVE-2002-0481

Name of the Vulnerable Software and Affected Versions Windows Media Player versions (affected versions not specified) Outlook version 2002

Description The issue allows remote attackers to bypass security settings and execute Javascript. This is achieved through an interaction between Windows Media Player and Outlook, where an HTML email message references certain media files, such as .WMS files. The onload handlers of these files execute the player.LaunchURL() Javascript function, enabling the execution of Javascript code.

Recommendations For Windows Media Player, consider disabling the LaunchURL() function as a temporary workaround until a patch is available. For Outlook 2002, restrict the handling of HTML email messages that reference WMP media files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.