Vulnerability Details CVE-2002-2031
Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.335
EPSS Ranking 96.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0019.html
- http://www.iss.net/security_center/static/7784.php
- http://www.securityfocus.com/bid/3779
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0019.html
- http://www.iss.net/security_center/static/7784.php
- http://www.securityfocus.com/bid/3779
Products affected by CVE-2002-2031
-
cpe:2.3:a:microsoft:internet_explorer:5.0
-
cpe:2.3:a:microsoft:internet_explorer:5.0.1
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6.0