CVE-2002-1254
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.2%
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka “Cross Domain Verification via Cached Methods.”
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | ie | 6.0 | cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:* |
| microsoft | internet_explorer | 5.5 | cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 5.5 | cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:* |
| microsoft | internet_explorer | 5.5 | cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:* |
| microsoft | internet_explorer | 6.0 | cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:* |
References
marc.info/?l=bugtraq&m=103530131201191&w=2
security.greymagic.com/adv/gm012-ie/
www.ciac.org/ciac/bulletins/n-018.shtml
www.iss.net/security_center/static/10435.php
www.iss.net/security_center/static/10436.php
www.iss.net/security_center/static/10437.php
www.iss.net/security_center/static/10438.php
www.iss.net/security_center/static/10439.php
www.securityfocus.com/bid/6028
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
exchange.xforce.ibmcloud.com/vulnerabilities/10432
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A388
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A408
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.2%