Vulnerability Details CVE-2002-1188
Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.162
EPSS Ranking 94.5%
CVSS Severity
CVSS v2 Score 6.4
References
- http://marc.info/?l=bugtraq&m=103184415307193&w=2
- http://www.ciac.org/ciac/bulletins/n-018.shtml
- http://www.iss.net/security_center/static/10665.php
- http://www.securityfocus.com/bid/6217
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A444
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A690
- http://marc.info/?l=bugtraq&m=103184415307193&w=2
- http://www.ciac.org/ciac/bulletins/n-018.shtml
- http://www.iss.net/security_center/static/10665.php
- http://www.securityfocus.com/bid/6217
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A444
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A690
Products affected by CVE-2002-1188
-
cpe:2.3:a:microsoft:internet_explorer:5.0.1
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6.0