CVE-2002-0189 - Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scrip

CVE-2002-0189

Summary

Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 23-07-2021 - 12:55)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

oval via4

accepted

2014-02-24T04:00:25.465-05:00

class

vulnerability

contributors

name Andrew Buttner
organization The MITRE Corporation
name Christine Walzer
organization The MITRE Corporation
name Matthew Wojcik
organization The MITRE Corporation
name Anna Min
organization BigFix, Inc
name Sudhir Gandhe
organization Telos
name Shane Shaffer
organization G2, Inc.
name Maria Mikhno
organization ALTX-SOFT

description

family

windows

oval:org.mitre.oval:def:19

status

accepted

submitted

2004-01-27T05:00:00.000-04:00

title

IE Cross-Site Scripting

version

refmap via4

Last major update

23-07-2021 - 12:55

Published

29-05-2002 - 04:00

Last modified

23-07-2021 - 12:55