Vulnerability Details : CVE-2002-1217
Potential exploit
Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.
Vulnerability category: Execute code
Products affected by CVE-2002-1217
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2002-1217
72.57%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2002-1217
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2002-1217
-
http://www.securityfocus.com/bid/5963
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A333
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
Microsoft Security Bulletin MS02-066 - Critical | Microsoft Learn
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A272
404 Not Found
-
http://security.greymagic.com/adv/gm011-ie/
Exploit;Patch;Vendor Advisory
-
http://www.iss.net/security_center/static/10371.php
-
http://marc.info/?l=bugtraq&m=103470310417576&w=2
'Internet Explorer : The D-Day' - MARC
-
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0024.html
-
http://marc.info/?l=ntbugtraq&m=103470202010570&w=2
-
http://www.ciac.org/ciac/bulletins/n-018.shtml
สล็อตเว็บตรง ฝากถอน ไม่มีขั้นต่ำ เว็บสล็อต ระบบ AI อัปเดตใหม่ 2025
Jump to