CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 4CVE-2002-2031 – Microsoft Internet Explorer 5 - JavaScript Local File Enumeration
https://notcve.org/view.php?id=CVE-2002-2031
Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results. • https://www.exploit-db.com/exploits/21198 https://www.exploit-db.com/exploits/21199 http://archives.neohapsis.com/archives/bugtraq/2002-01/0019.html http://www.iss.net/security_center/static/7784.php http://www.securityfocus.com/bid/3779 •
CVSS: 5.0EPSS: 16%CPEs: 6EXPL: 1CVE-2002-1714 – Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service
https://notcve.org/view.php?id=CVE-2002-1714
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. • https://www.exploit-db.com/exploits/21404 http://online.securityfocus.com/archive/1/268776 http://www.securityfocus.com/bid/4564 https://exchange.xforce.ibmcloud.com/vulnerabilities/8904 •
CVSS: 6.8EPSS: 3%CPEs: 8EXPL: 1CVE-2002-1187 – Microsoft Internet Explorer 5 - IFrame/Frame Cross-Site/Zone Script Execution
https://notcve.org/view.php?id=CVE-2002-1187
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource. • https://www.exploit-db.com/exploits/21777 http://marc.info/?l=bugtraq&m=103158601431054&w=2 http://www.iss.net/security_center/static/10066.php http://www.osvdb.org/2998 http://www.securityfocus.com/bid/5672 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A203 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A225 •
CVSS: 6.4EPSS: 94%CPEs: 11EXPL: 1CVE-2002-0976 – Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure
https://notcve.org/view.php?id=CVE-2002-0976
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. • https://www.exploit-db.com/exploits/21721 http://marc.info/?l=bugtraq&m=102960731805373&w=2 http://www.iss.net/security_center/static/9885.php http://www.securityfocus.com/bid/5490 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2002-0832
https://notcve.org/view.php?id=CVE-2002-0832
Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. • http://marc.info/?l=bugtraq&m=102864890006745&w=2 •