Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0027


Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0027
Last Modified 05 Sep 2008 04:26:59
Published 08 Mar 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.

Vulnerable Systems


  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


BID - 3721

MS - MS02-005

BUGTRAQ - 20011219 Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug

OSVDB - 3031

Last Updated: 27 May 2016 10:36:44