CVE-2002-2101

Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag.

Date published : 2005-08-05

http://www.securityfocus.com/bid/4337

http://archives.neohapsis.com/archives/bugtraq/2002-03/0267.html