CVE-2002-0723

2002-08-2404:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

Low

0.307 Low

EPSS

Percentile

97.0%

JSON

Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka “Cross Domain Verification in Object Tag.”

References

www.iss.net/security_center/static/9537.php

www.securityfocus.com/bid/5196

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047