Vulnerability Description
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 5.0.1 |
References
- http://marc.info/?l=bugtraq&m=101781180528301&w=2
- http://www.iss.net/security_center/static/8701.php
- http://www.osvdb.org/3029
- http://www.securityfocus.com/bid/4392
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-01
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://marc.info/?l=bugtraq&m=101781180528301&w=2
- http://www.iss.net/security_center/static/8701.php
- http://www.osvdb.org/3029
- http://www.securityfocus.com/bid/4392
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-01
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2002-0078?
CVE-2002-0078 is a vulnerability with a CVSS score of 7.5 (HIGH). The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based ...
How severe is CVE-2002-0078?
CVE-2002-0078 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0078?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.