Published: 11/12/2002 Updated: 23/07/2021

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 up to and including 6.0 allows remote malicious users to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 5.5
microsoft internet explorer 5.0.1
microsoft internet explorer 5.0
microsoft internet explorer 6.0

source: wwwsecurityfocuscom/bid/5672/info When a Microsoft Internet Explorer (MSIE) window opens another window, security checks should prevent the parent from accessing the child if the latter is of another domain or Security Zone It has been reported that such checks fails to occur against attempts to access the frames of child window ...

NVD-CWE-Other http://www.iss.net/security_center/static/10066.php http://www.securityfocus.com/bid/5672 http://www.osvdb.org/2998 http://marc.info/?l=bugtraq&m=103158601431054&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A203 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://nvd.nist.gov https://www.exploit-db.com/exploits/21777/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1187

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect