Vulnerabilities > CVE-2002-0027 - Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
microsoft
NVD
Published: 2002-03-08
Updated: 2021-07-23

Summary

Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.

Vulnerable Configurations

Part Description Count
Application
Microsoft
2

Oval

accepted2016-02-19T10:00:00.000-04:00
classvulnerability
contributors
  • nameTiffany Bergeron
    organizationThe MITRE Corporation
  • nameHarvey Rubinovitz
    organizationThe MITRE Corporation
  • nameChristine Walzer
    organizationThe MITRE Corporation
  • nameChristine Walzer
    organizationThe MITRE Corporation
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Mikhno
    organizationALTX-SOFT
definition_extensions
commentMicrosoft Internet Explorer 6 is installed
ovaloval:org.mitre.oval:def:563
descriptionInternet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.
familywindows
idoval:org.mitre.oval:def:974
statusaccepted
submitted2004-04-29T04:00:00.000-04:00
titleIE Frame Domain Verification Vulnerability
version69

References