Lucene search

[email protected]CVE-2002-0980

HistorySep 24, 2002 - 4:00 a.m.

CVE-2002-0980

2002-09-2404:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0980

internet explorer

web folder

remote code execution

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.747 High

EPSS

Percentile

98.2%

JSON

The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.

Affected configurations

NVD

Node

microsoftinternet_explorerMatch5.5

microsoftinternet_explorerMatch5.5sp1

microsoftinternet_explorerMatch5.5sp2

microsoftinternet_explorerMatch6.0

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

marc.info/?l=bugtraq&m=102942234427691&w=2

marc.info/?l=ntbugtraq&m=102937705527922&w=2

marc.info/?l=vuln-dev&m=102943486811091&w=2

www.iss.net/security_center/static/9881.php

www.securityfocus.com/bid/5473

docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-014

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.747 High

EPSS

Percentile

98.2%

JSON

Related for CVE-2002-0980

cvelist1 cert1 nvd1