Vulnerabilities > CVE-2002-0189 - Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.5/6.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
microsoft
exploit available
NVD
Published: 2002-05-29
Updated: 2021-07-23

Summary

Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.

Vulnerable Configurations

Part Description Count
Application
Microsoft
5

Exploit-Db

descriptionMicrosoft Internet Explorer 5 Dialog Same Origin Policy Bypass Variant Vulnerability. CVE-2002-0189. Remote exploit for windows platform
idEDB-ID:21750
last seen2016-02-02
modified2002-04-16
published2002-04-16
reporterGreyMagic Software
sourcehttps://www.exploit-db.com/download/21750/
titleMicrosoft Internet Explorer 5 Dialog Same Origin Policy Bypass Variant Vulnerability

Oval

accepted2014-02-24T04:00:25.465-05:00
classvulnerability
contributors
  • nameAndrew Buttner
    organizationThe MITRE Corporation
  • nameChristine Walzer
    organizationThe MITRE Corporation
  • nameMatthew Wojcik
    organizationThe MITRE Corporation
  • nameAnna Min
    organizationBigFix, Inc
  • nameSudhir Gandhe
    organizationTelos
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Mikhno
    organizationALTX-SOFT
descriptionCross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
familywindows
idoval:org.mitre.oval:def:19
statusaccepted
submitted2004-01-27T05:00:00.000-04:00
titleIE Cross-Site Scripting
version71

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/26109/ie.css.txt
idPACKETSTORM:26109
last seen2016-12-05
published2002-05-20
reporterThor Larholm
sourcehttps://packetstormsecurity.com/files/26109/ie.css.txt.html
titleie.css.txt

References