CVE-2002-1671
published 2002-12-31CVE-2002-1671: Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData…
PriorityP417medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
12.11%
95.6th percentile
Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CWE
Improper Privilege Management
mitre_cwe
CWE-269 Improper Privilege Management
CWE-269: Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Phase: Operation
Common Consequences:
Scope: Access Control. Impact: Gain Privileges or Assume Identity.
Detection Methods:
Automated Static Analysis: Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and contro
CWE
Privilege Defined With Unsafe Actions
mitre_cwe·CVSS 5.0
[MEDIUM] CWE-267 Privilege Defined With Unsafe Actions
CWE-267: Privilege Defined With Unsafe Actions
A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Phase: Operation
Common Consequences:
Scope: Access Control. Impact: Gain Privileges or Assume Identity. A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Potential Mitigations:
[Architecture and Design] Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the softwar
http://online.securityfocus.com/archive/1/250387/2002-10-11/2002-10-17/2http://www.securityfocus.com/archive/1/250248http://www.securityfocus.com/bid/3862https://exchange.xforce.ibmcloud.com/vulnerabilities/7906http://online.securityfocus.com/archive/1/250387/2002-10-11/2002-10-17/2http://www.securityfocus.com/archive/1/250248http://www.securityfocus.com/bid/3862https://exchange.xforce.ibmcloud.com/vulnerabilities/7906
2002-12-31
Published