CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
99.2%
Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | ie | 6.0 | cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:* |
microsoft | internet_explorer | 5.0.1 | cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:* |
microsoft | internet_explorer | 5.0.1 | cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:* |
microsoft | internet_explorer | 5.0.1 | cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:* |
microsoft | internet_explorer | 5.0.1 | cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:* |
microsoft | internet_explorer | 5.5 | cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:* |
microsoft | internet_explorer | 5.5 | cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:* |
microsoft | internet_explorer | 5.5 | cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:* |
microsoft | internet_explorer | 6.0 | cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:* |