Описание
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the or element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource.
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the or element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-1187
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A203
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A225
- http://marc.info/?l=bugtraq&m=103158601431054&w=2
- http://www.iss.net/security_center/static/10066.php
- http://www.osvdb.org/2998
- http://www.securityfocus.com/bid/5672
EPSS
CVE ID
Связанные уязвимости
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource.
EPSS