Vulnerabilities > CVE-2002-0027 - Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Oval
accepted | 2016-02-19T10:00:00.000-04:00 | ||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||
description | Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874. | ||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||
id | oval:org.mitre.oval:def:974 | ||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||
submitted | 2004-04-29T04:00:00.000-04:00 | ||||||||||||||||||||||||
title | IE Frame Domain Verification Vulnerability | ||||||||||||||||||||||||
version | 69 |