Vulnerabilities > CVE-2002-0078 - Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/5.5/6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
Oval
accepted | 2014-02-24T04:03:28.687-05:00 | ||||||||||||||||
class | vulnerability | ||||||||||||||||
contributors |
| ||||||||||||||||
description | The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability. | ||||||||||||||||
family | windows | ||||||||||||||||
id | oval:org.mitre.oval:def:96 | ||||||||||||||||
status | accepted | ||||||||||||||||
submitted | 2003-11-12T05:00:00.000-04:00 | ||||||||||||||||
title | IE Cookie-based Script Execution | ||||||||||||||||
version | 67 |
References
- http://www.securityfocus.com/bid/4392
- http://www.iss.net/security_center/static/8701.php
- http://www.osvdb.org/3029
- http://marc.info/?l=bugtraq&m=101781180528301&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A96
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-015