CVE-2002-0078Microsoft Internet Explorer vulnerability

2 documents2 sources
Severity
7.5HIGHNVD
EPSS
20.3%
top 4.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedMar 29
Latest updateApr 30

Description

The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2

🔴Vulnerability Details

1
GHSA
GHSA-rh9r-xpf4-gh2j: The zone determination function in Microsoft Internet Explorer 52022-04-30
CVE-2002-0078 — Microsoft vulnerability | cvebase