Back to search
CVE-2002-0027
Published: Jun 25, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3031
vdb-entry
x_refsource_OSVDB
20011219 Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug
mailing-list
x_refsource_BUGTRAQ
3721
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:974
vdb-entry
signature
x_refsource_OVAL
MS02-005
vendor-advisory
x_refsource_MS
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now