Lucene search

[email protected]CVE-2002-0027

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2002-0027

2002-06-2504:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0027

internet explorer

vulnerability

url spoofing

remote file reading

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.1%

JSON

Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the “Frame Domain Verification” vulnerability described in MS:MS01-058/CAN-2001-0874.

Affected configurations

NVD

Node

microsoftinternet_explorerMatch5.5

microsoftinternet_explorerMatch6.0

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

www.osvdb.org/3031

www.securityfocus.com/archive/1/246522

www.securityfocus.com/bid/3721

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-005

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A974

Social References

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.1%

JSON

Related for CVE-2002-0027

cvelist2 nvd2 cert1 cve1 openvas2