Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0023Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
34.0%
top 3.02%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedMar 8
Latest updateApr 30

Description

Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read arbitrary files via malformed requests to the GetObject function, which bypass some of GetObject's security checks.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.01, 5.5, 6.0+2

Patches

Patch: archives.neohapsis.comPatch: www.securityfocus.comPatch: archives.neohapsis.com

🔴Vulnerability Details

1
GHSA
GHSA-p5wp-9g62-jf87: Internet Explorer 52022-04-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5/6 - GetObject File Disclosure2002-01-01
CVE-2002-0023 — Microsoft vulnerability | cvebase