CVE-2002-1564 — Microsoft Internet Explorer vulnerability

2 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

21.0%

top 4.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedJun 9

Latest updateApr 30

Description

Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer5.01, 5.5, 6.0+2

🔴Vulnerability Details

GHSA

GHSA-fp3w-c9cj-pcvm: Internet Explorer 5↗2022-04-30

▶