7.5
CVE-2002-0148
- EPSS 64.49%
- Veröffentlicht 22.04.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Information Server Version4.0
Microsoft ≫ Internet Information Services Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 64.49% | 0.991 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.cert.org/advisories/CA-2002-09.html
http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
http://www.iss.net/security_center/static/8803.php
http://www.kb.cert.org/vuls/id/886699
http://www.osvdb.org/3339
http://www.securityfocus.com/bid/4486
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A81
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A92