Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0191

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0191
Last Modified 10 Sep 2008 08:00:41
Published 29 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0191

Summary

Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability.

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

MS - MS02-023

XF - ie-css-read-files (8740)

BID - 4411

BUGTRAQ - 20020402 Reading portions of local files in IE, depending on structure (GM#004-IE)


Last Updated: 27 May 2016 10:36:49