CVE-2002-1188 — Microsoft Internet Explorer vulnerability

2 documents2 sources

Severity

6.4MEDIUMNVD

EPSS

16.2%

top 5.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedDec 11

Latest updateApr 30

Description

Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading."

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2

Patches

Patch: www.iss.net ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-2v3g-7257-hfv5: Internet Explorer 5↗2022-04-30

▶