CVE-2002-0648

2002-09-24T04:00:00
ID CVE-2002-0648
Type cve
Reporter cve@mitre.org
Modified 2018-10-12T21:31:00

Description

The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.