Vulnerability Details CVE-2001-0092
A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.184
EPSS Ranking 94.9%
CVSS Severity
CVSS v2 Score 2.6
References
- http://www.osvdb.org/7817
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6086
- http://www.osvdb.org/7817
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6086
Products affected by CVE-2001-0092
-
cpe:2.3:a:microsoft:internet_explorer:5.0
-
cpe:2.3:a:microsoft:internet_explorer:5.01
-
cpe:2.3:a:microsoft:internet_explorer:5.5