CVE-2002-1186

Published: Dec 11, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."

Affected (8)

Products: Microsoft: Ie, Internet Explorer

2 products

Internet Explorer

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Microsoft Ie	Version 6.0 sp1
Microsoft Internet Explorer	Version 5.0.1
Microsoft Internet Explorer	Version 5.0.1 sp1
Microsoft Internet Explorer	Version 5.0.1 sp2
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 5.5 sp1
Microsoft Internet Explorer	Version 5.5 sp2
Microsoft Internet Explorer	Version 6.0

References (18)

http://archives.neohapsis.com/archives/bugtraq/2002-09/0018.html

Source: cve@mitre.org

Exploit

http://archives.neohapsis.com/archives/bugtraq/2002-09/0030.html

Source: cve@mitre.org

http://www.iss.net/security_center/static/10039.php

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/7845

Source: cve@mitre.org

http://www.securityfocus.com/bid/5610

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A143

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A471

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A495

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2002-09/0018.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://archives.neohapsis.com/archives/bugtraq/2002-09/0030.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/10039.php

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/7845

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/5610

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A143

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A471

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A495

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.