Published: 31/12/2002 Updated: 23/07/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The browser history feature in Microsoft Internet Explorer 5.5 up to and including 6.0 allows remote malicious users to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 5.5
microsoft internet explorer 6.0

source: wwwsecurityfocuscom/bid/4505/info A vulnerability has been reported in some versions of Internet Explorer It is possible to inject JavaScript code into the browser history list, and execute it within any page context given appropriate user interaction Internet Explorer stores javascript: URLs in the browser history list Script ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/267561 http://www.securityfocus.com/bid/4505 https://exchange.xforce.ibmcloud.com/vulnerabilities/8844 https://nvd.nist.gov https://www.exploit-db.com/exploits/21376/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1688

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect