CVE-2002-0027

Published: Mar 8, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.

Affected (2)

Products: Microsoft: Internet Explorer

1 product

Internet Explorer

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 6.0

References (10)

http://www.osvdb.org/3031

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/246522

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/3721

Source: cve@mitre.org

ExploitPatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-005

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A974

Source: cve@mitre.org

http://www.osvdb.org/3031

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/246522

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/3721

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-005

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A974

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.