Lucene search

[email protected]CVE-2002-0269

HistoryMay 29, 2002 - 4:00 a.m.

CVE-2002-0269

2002-05-2904:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

internet explorer

cve-2002-0269

script execution

mime content-type

nvd

web application

cross-site scripting.

7.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.01
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq5.0
microsoft:internet_explorermicrosoft internet explorereq5.0.1
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.01
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	5.0
microsoft:internet_explorer	microsoft internet explorer	eq	5.0.1
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

marc.info/?l=bugtraq&m=101363764421623&w=2

Social References

7.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON