cbcvebase.
CVE-2012-6502
published 2013-01-22

CVE-2012-6502: Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files…

PriorityP415low2.6CVSS 2.0
AVNACHAuNCPINAN
EPSS
10.09%
95.1th percentile
Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT element, as demonstrated by reading a name-value pair from a local file via a \\127.0.0.1\C$\ sequence.

Affected

5 ranges
VendorProductVersion rangeFixed in
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.