High

CVE-2002-0026 - Unspecified vulnerability in Microsoft Internet Explorer

Publication: 2002-03-08
Summary

Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made.

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 6.0