CVE-2002-1217

Published: Oct 28, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.

Affected (4)

Products: Microsoft: Internet Explorer

1 product

Internet Explorer

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 5.5 sp1
Microsoft Internet Explorer	Version 5.5 sp2
Microsoft Internet Explorer	Version 6.0

References (20)

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0024.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=103470310417576&w=2

Source: cve@mitre.org

http://marc.info/?l=ntbugtraq&m=103470202010570&w=2

Source: cve@mitre.org

http://security.greymagic.com/adv/gm011-ie/

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.ciac.org/ciac/bulletins/n-018.shtml

Source: cve@mitre.org

http://www.iss.net/security_center/static/10371.php

Source: cve@mitre.org

http://www.securityfocus.com/bid/5963

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A272

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A333

Source: cve@mitre.org

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0024.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=103470310417576&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=ntbugtraq&m=103470202010570&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.greymagic.com/adv/gm011-ie/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.ciac.org/ciac/bulletins/n-018.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/10371.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/5963

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A272

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A333

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.