Vulnerability Description
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 5.0.1 |
References
- http://marc.info/?l=bugtraq&m=101103188711920&w=2
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-01
- http://marc.info/?l=bugtraq&m=101103188711920&w=2
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-01
FAQ
What is CVE-2002-0077?
CVE-2002-0077 is a vulnerability with a CVSS score of 7.5 (HIGH). Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables pres...
How severe is CVE-2002-0077?
CVE-2002-0077 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0077?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.