Published: 31/12/2002 Updated: 23/07/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote malicious users to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 5.0
microsoft internet explorer 5.0.1
microsoft internet explorer 5.5
microsoft internet explorer 6.0

source: wwwsecurityfocuscom/bid/3779/info Microsoft Internet Explorer is prone to a vulnerability which may disclose sensitive information to a malicious webmaster When script code includes a file outside of the document it is embedded in and the file does not exist, the onError event handler will run script if it is enabled This scrip ...

source: wwwsecurityfocuscom/bid/3779/info Microsoft Internet Explorer is prone to a vulnerability which may disclose sensitive information to a malicious webmaster When script code includes a file outside of the document it is embedded in and the file does not exist, the onError event handler will run script if it is enabled This scr ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2002-01/0019.html http://www.securityfocus.com/bid/3779 http://www.iss.net/security_center/static/7784.php https://nvd.nist.gov https://www.exploit-db.com/exploits/21198/

CVE-2002-2031

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect