CVE-2002-1671 — Improper Privilege Management in Microsoft Internet Explorer

CWE-269 — Improper Privilege Management CWE-267 — Privilege Defined With Unsafe Actions4 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

24.6%

top 3.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedDec 31

Latest updateApr 30

Description

Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

GHSA

GHSA-gfqv-2x4h-j842: Microsoft Internet Explorer 5↗2022-04-30

▶

📐Framework References

CWE

Improper Privilege Management↗

▶

CWE

Privilege Defined With Unsafe Actions↗

▶