Lucene search

[email protected]CVE-2002-0077

HistoryJan 13, 2002 - 5:00 a.m.

CVE-2002-0077

2002-01-1305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

microsoft

internet explorer 5.01

internet explorer 5.5

internet explorer 6.0

remote attacks

nvd

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the “Local Executable Invocation via Object tag” vulnerability.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq5.0.1
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	5.0.1
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

marc.info/?l=bugtraq&m=101103188711920&w=2

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-015

Social References

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

Related for CVE-2002-0077

cert1 cve1