Vulnerabilities > CVE-2001-0332 - Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |