7.5
CVE-2002-0074
- EPSS 33.79%
- Veröffentlicht 22.04.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:43
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Information Server Version4.0
Microsoft ≫ Internet Information Services Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 33.79% | 0.982 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.cert.org/advisories/CA-2002-09.html
http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
http://seclists.org/bugtraq/2002/Apr/0126.html
http://www.cgisecurity.com/advisory/9.txt
http://www.iss.net/security_center/static/8802.php
http://www.kb.cert.org/vuls/id/883091
http://www.osvdb.org/3338
http://www.securityfocus.com/bid/4483
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A46