Vulnerabilities > CVE-2001-0092 - Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.01/5.5

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

high complexity

microsoft

NVD

Published: 2001-02-16

Updated: 2021-07-23

Summary

A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 5.0 Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 5.5	3

References

http://www.osvdb.org/7817
https://exchange.xforce.ibmcloud.com/vulnerabilities/6086
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-093