5

CVE-2002-0648

The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version5.01
MicrosoftInternet Explorer Version5.01 Updatesp1
MicrosoftInternet Explorer Version5.01 Updatesp2
MicrosoftInternet Explorer Version5.5
MicrosoftInternet Explorer Version5.5 Updatesp1
MicrosoftInternet Explorer Version5.5 Updatesp2
MicrosoftInternet Explorer Version6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 48.44% 0.987
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047
http://marc.info/?l=bugtraq&m=103011639524314&w=2
http://www.iss.net/security_center/static/9936.php
http://www.securityfocus.com/bid/5560
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1026
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1148
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1207
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A608
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A776