Vulnerability Details CVE-2012-6502
Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT element, as demonstrated by reading a name-value pair from a local file via a \\127.0.0.1\C$\ sequence.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.065
EPSS Ranking 90.6%
CVSS Severity
CVSS v2 Score 2.6
References
Products affected by CVE-2012-6502
-
cpe:2.3:a:microsoft:internet_explorer:6
-
cpe:2.3:a:microsoft:internet_explorer:7
-
cpe:2.3:a:microsoft:internet_explorer:7.0.5730
-
cpe:2.3:a:microsoft:internet_explorer:8
-
cpe:2.3:a:microsoft:internet_explorer:9