CVE-2002-0078

Published: Mar 29, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.

Affected (6)

Products: Microsoft: Internet Explorer

1 product

Internet Explorer

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.0.1 sp1
Microsoft Internet Explorer	Version 5.0.1 sp2
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 5.5 sp1
Microsoft Internet Explorer	Version 5.5 sp2
Microsoft Internet Explorer	Version 6.0

References (12)

http://marc.info/?l=bugtraq&m=101781180528301&w=2

Source: cve@mitre.org

http://www.iss.net/security_center/static/8701.php

Source: cve@mitre.org

http://www.osvdb.org/3029

Source: cve@mitre.org

http://www.securityfocus.com/bid/4392

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-015

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A96

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=101781180528301&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/8701.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/3029

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/4392

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-015

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A96

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.