CVSS: 6.4EPSS: 94%CPEs: 11EXPL: 1CVE-2002-0976 – Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure
https://notcve.org/view.php?id=CVE-2002-0976
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. • https://www.exploit-db.com/exploits/21721 http://marc.info/?l=bugtraq&m=102960731805373&w=2 http://www.iss.net/security_center/static/9885.php http://www.securityfocus.com/bid/5490 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2002-0832
https://notcve.org/view.php?id=CVE-2002-0832
Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. • http://marc.info/?l=bugtraq&m=102864890006745&w=2 •
CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 1CVE-2002-0500
https://notcve.org/view.php?id=CVE-2002-0500
Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size. • http://archives.neohapsis.com/archives/bugtraq/2002-03/0331.html http://www.iss.net/security_center/static/8658.php http://www.securityfocus.com/bid/4371 •
CVSS: 7.5EPSS: 15%CPEs: 5EXPL: 1CVE-2002-0189 – Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)
https://notcve.org/view.php?id=CVE-2002-0189
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability. Vulnerabilidad de secuencias de comandos en sitios cruzados (cross-site scripting) en Internet Explorer 6.0 permite a atacantes remotos ejecutar secuencias de comandos en la zona "Ordenador Local" con una URL que explota un recurso HTML local. También conocida como "Vulnerabilidad de secuencias de comandos en sitios cruzados en recurso HTML Local". • https://www.exploit-db.com/exploits/21750 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0242
https://notcve.org/view.php?id=CVE-2002-0242
Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. Vulnerabilidad de secuencias de comandos en sitios cruzados en Internet Explorer 6 y anteriores permite que atacante remotos ejecuten código arbitrario por medio de un formulario HTML extendido, cuya salida del servidor remoto no se ha aclarado adecuadamente. • http://marc.info/?l=bugtraq&m=101309907709138&w=2 •