CVE-2002-0077Microsoft Internet Explorer vulnerability

2 documents2 sources
Severity
7.5HIGHNVD
EPSS
7.9%
top 7.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedJan 13
Latest updateApr 30

Description

Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2

🔴Vulnerability Details

1
GHSA
GHSA-4q4q-pr45-j3xr: Microsoft Internet Explorer 52022-04-30
CVE-2002-0077 — Microsoft vulnerability | cvebase