CVE-2002-1217

EPSS 47.1%

Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.

Productos afectados

n/a · n/a

PoCs públicas encontradas — 1

exploitdbwww.exploit-db.com/exploits/21940no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0024.html http://marc.info/?l=bugtraq&m=103470310417576&w=2 http://marc.info/?l=ntbugtraq&m=103470202010570&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 http://security.greymagic.com/adv/gm011-ie/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A333 http://www.ciac.org/ciac/bulletins/n-018.shtml http://www.iss.net/security_center/static/10371.php http://www.securityfocus.com/bid/5963