Vulnerability Details CVE-2002-0723
Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.242
EPSS Ranking 95.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.iss.net/security_center/static/9537.php
- http://www.securityfocus.com/bid/5196
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047
- http://www.iss.net/security_center/static/9537.php
- http://www.securityfocus.com/bid/5196
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047
Products affected by CVE-2002-0723
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6.0