Vulnerabilities > CVE-2002-0723 - Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
microsoft
exploit available
NVD
Published: 2002-09-24
Updated: 2021-07-23

Summary

Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag."

Vulnerable Configurations

Part Description Count
Application
Microsoft
4

Exploit-Db

descriptionMS IE 5/6 OBJECT Tag Same Origin Policy Violation Vulnerability. CVE-2002-0723 . Remote exploit for windows platform
idEDB-ID:21606
last seen2016-02-02
modified2002-07-10
published2002-07-10
reporterThor Larholm
sourcehttps://www.exploit-db.com/download/21606/
titleMicrosoft Internet Explorer 5/6 OBJECT Tag Same Origin Policy Violation Vulnerability

References