CVSS: 6.4EPSS: 33%CPEs: 7EXPL: 0CVE-2002-1188
https://notcve.org/view.php?id=CVE-2002-1188
Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading." • http://marc.info/?l=bugtraq&m=103184415307193&w=2 http://www.ciac.org/ciac/bulletins/n-018.shtml http://www.iss.net/security_center/static/10665.php http://www.securityfocus.com/bid/6217 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A444 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A690 •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2002-1262
https://notcve.org/view.php?id=CVE-2002-1262
Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files. Internet Explorer 5.5 y 6.0 no realizan comprobaciones de seguridad completas en caché externa, lo que permite a atacantes remotos leer ficheros arbitrarios • http://marc.info/?l=bugtraq&m=103825484331857&w=2 http://marc.info/?l=bugtraq&m=103910416824172&w=2 http://marc.info/?l=ntbugtraq&m=103824668621672&w=2 http://marc.info/?l=ntbugtraq&m=103909877717345&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-068 •
CVSS: 5.0EPSS: 75%CPEs: 8EXPL: 1CVE-2002-1186
https://notcve.org/view.php?id=CVE-2002-1186
Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure." • http://archives.neohapsis.com/archives/bugtraq/2002-09/0018.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0030.html http://www.iss.net/security_center/static/10039.php http://www.osvdb.org/7845 http://www.securityfocus.com/bid/5610 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A143 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre. •
CVSS: 6.8EPSS: 3%CPEs: 8EXPL: 1CVE-2002-1187 – Microsoft Internet Explorer 5 - IFrame/Frame Cross-Site/Zone Script Execution
https://notcve.org/view.php?id=CVE-2002-1187
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource. • https://www.exploit-db.com/exploits/21777 http://marc.info/?l=bugtraq&m=103158601431054&w=2 http://www.iss.net/security_center/static/10066.php http://www.osvdb.org/2998 http://www.securityfocus.com/bid/5672 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A203 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A225 •
CVSS: 5.0EPSS: 26%CPEs: 8EXPL: 0CVE-2002-1185
https://notcve.org/view.php?id=CVE-2002-1185
Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File Failure." • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0105.html http://marc.info/?l=bugtraq&m=103970996205091&w=2 http://www.eeye.com/html/Research/Advisories/AD20021211.html http://www.iss.net/security_center/static/10662.php http://www.securityfocus.com/bid/6216 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A393 https://oval.cisecurity.org/repository/search/definit •