Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1188

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2002-1188
Last Modified 10 Sep 2008 03:14:01
Published 11 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1188

Summary

Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading."

Vulnerable Systems

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

MS - MS02-066

XF - ie-object-read-tif(10665)

BUGTRAQ - 20020912 LEVERAGING CROSS-PROTOCOL SCRIPTING IN MSIE

BID - 6217

CIAC - N-018


Last Updated: 27 May 2016 10:37:14