Vulnerabilities > CVE-2002-1688 - Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Exploit-Db
description | Microsoft Internet Explorer 5.5/6.0 History List Script Injection Vulnerability. CVE-2002-1688. Remote exploit for windows platform |
id | EDB-ID:21376 |
last seen | 2016-02-02 |
modified | 2002-04-15 |
published | 2002-04-15 |
reporter | Andreas Sandblad |
source | https://www.exploit-db.com/download/21376/ |
title | Microsoft Internet Explorer 5.5/6.0 History List Script Injection Vulnerability |