CVE-2002-0026

Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/4082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A32
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A23
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-005

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:internet_explorer:5.5:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6.0:::::::*

Information

Published : 2002-03-08 05:00

Updated : 2021-07-23 12:55

NVD link : CVE-2002-0026

Mitre link : CVE-2002-0026

JSON object : View

Products Affected

microsoft

internet_explorer

CWE

NVD-CWE-Other

7.5 /10