Vulnerabilities > CVE-2002-0500 - Unspecified vulnerability in Microsoft Internet Explorer

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

microsoft

NVD

Published: 2002-08-12

Updated: 2021-07-23

Summary

Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 5.0.1 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 5.0 Microsoft Internet Explorer 6.0	8

References

http://www.iss.net/security_center/static/8658.php
http://www.securityfocus.com/bid/4371
http://archives.neohapsis.com/archives/bugtraq/2002-03/0331.html