Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0023

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0023
Last Modified 05 Sep 2008 04:26:58
Published 08 Mar 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0023

Summary

Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read arbitrary files via malformed requests to the GetObject function, which bypass some of GetObject's security checks.

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

BID - 3767

MS - MS02-005

BUGTRAQ - 20020101 IE GetObject() problems

XF - ie-getobject-directory-traversal(7758)

OSVDB - 3030


Last Updated: 27 May 2016 10:36:44