CVE-2002-0023

Published: Mar 8, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read arbitrary files via malformed requests to the GetObject function, which bypass some of GetObject's security checks.

Affected (3)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.01
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 6.0

References (18)

http://archives.neohapsis.com/archives/bugtraq/2002-01/0000.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/3030

Source: cve@mitre.org

http://www.securityfocus.com/bid/3767

Source: cve@mitre.org

ExploitPatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-005

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/7758

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A40

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A50

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A77

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2002-01/0000.html