CVE-2002-0980

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 5.5 through 6.0

Description: The issue allows remote attackers to execute arbitrary code by injecting it into an error message written by the Web Folder component, then referring to the error message file via a mhtml: URL.

Recommendations: For Internet Explorer versions 5.5 through 6.0, consider disabling the Web Folder component as a temporary workaround until a patch is available. Restrict access to the temporary folder to minimize the risk of exploitation. Avoid using the mhtml: URL protocol in Internet Explorer until the issue is resolved.