CVE-2002-1254
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.944 High
EPSS
Percentile
99.2%
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka “Cross Domain Verification via Cached Methods.”
References
marc.info/?l=bugtraq&m=103530131201191&w=2
security.greymagic.com/adv/gm012-ie/
www.ciac.org/ciac/bulletins/n-018.shtml
www.iss.net/security_center/static/10435.php
www.iss.net/security_center/static/10436.php
www.iss.net/security_center/static/10437.php
www.iss.net/security_center/static/10438.php
www.iss.net/security_center/static/10439.php
www.securityfocus.com/bid/6028
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
exchange.xforce.ibmcloud.com/vulnerabilities/10432
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A388
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A408
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.944 High
EPSS
Percentile
99.2%