Vulnerabilities > CVE-2002-1254 - Unspecified vulnerability in Microsoft IE and Internet Explorer
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
exploit available
Summary
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Exploit-Db
| description | Microsoft Internet Explorer 5/6 Cached Objects Zone Bypass Vulnerability. CVE-2002-1254. Remote exploit for windows platform |
| id | EDB-ID:21959 |
| last seen | 2016-02-02 |
| modified | 2002-10-22 |
| published | 2002-10-22 |
| reporter | GreyMagic Software |
| source | https://www.exploit-db.com/download/21959/ |
| title | Microsoft Internet Explorer 5/6 Cached Objects Zone Bypass Vulnerability |
Oval
accepted 2014-02-24T04:03:17.188-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." family windows id oval:org.mitre.oval:def:388 status accepted submitted 2004-01-27T05:00:00.000-04:00 title IE v6.0 Cross Domain Verification via Cached Methods Vulnerability version 67 accepted 2014-02-24T04:03:17.813-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." family windows id oval:org.mitre.oval:def:408 status accepted submitted 2004-01-27T12:00:00.000-04:00 title IE v5.5 Cross Domain Verification via Cached Methods Vulnerability version 66
References
- http://marc.info/?l=bugtraq&m=103530131201191&w=2
- http://marc.info/?l=bugtraq&m=103530131201191&w=2
- http://security.greymagic.com/adv/gm012-ie/
- http://security.greymagic.com/adv/gm012-ie/
- http://www.ciac.org/ciac/bulletins/n-018.shtml
- http://www.ciac.org/ciac/bulletins/n-018.shtml
- http://www.iss.net/security_center/static/10435.php
- http://www.iss.net/security_center/static/10435.php
- http://www.iss.net/security_center/static/10436.php
- http://www.iss.net/security_center/static/10436.php
- http://www.iss.net/security_center/static/10437.php
- http://www.iss.net/security_center/static/10437.php
- http://www.iss.net/security_center/static/10438.php
- http://www.iss.net/security_center/static/10438.php
- http://www.iss.net/security_center/static/10439.php
- http://www.iss.net/security_center/static/10439.php
- http://www.securityfocus.com/bid/6028
- http://www.securityfocus.com/bid/6028
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10432
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10432
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A388
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A388
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A408
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A408