Vulnerabilities > CVE-2002-0078 - Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/5.5/6.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
microsoft

Summary

The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.

Oval

accepted2014-02-24T04:03:28.687-05:00
classvulnerability
contributors
  • nameAndrew Buttner
    organizationThe MITRE Corporation
  • nameAndrew Buttner
    organizationThe MITRE Corporation
  • nameChristine Walzer
    organizationThe MITRE Corporation
  • nameMaria Mikhno
    organizationALTX-SOFT
descriptionThe zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.
familywindows
idoval:org.mitre.oval:def:96
statusaccepted
submitted2003-11-12T05:00:00.000-04:00
titleIE Cookie-based Script Execution
version67