Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2002-1217

Published: 28/10/2002 Updated: 23/07/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Microsoft

Vulnerability Summary

Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote malicious users to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet explorer 5.5

microsoft internet explorer 6.0

Exploits

Exploit DB: Microsoft Internet Explorer 5/6 - Unauthorized Document Object Model Access
source: wwwsecurityfocuscom/bid/5963/info Microsoft Internet Explorer (MSIE) is prone to a vulnerability that may enable a frame or iframe to gain unauthorized access to the Document Object Model (DOM) of other frames/iframes in a different domain This is possible because MSIE does not perform adequate access control checks on all frame ...

References

NVD-CWE-Otherhttp://security.greymagic.com/adv/gm011-ie/http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0024.htmlhttp://www.iss.net/security_center/static/10371.phphttp://www.ciac.org/ciac/bulletins/n-018.shtmlhttp://www.securityfocus.com/bid/5963http://marc.info/?l=bugtraq&m=103470310417576&w=2http://marc.info/?l=ntbugtraq&m=103470202010570&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A272https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066https://nvd.nist.govhttps://www.exploit-db.com/exploits/21940/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook