Vulnerability Description
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Ie | 6.0 |
| Microsoft | Internet Explorer | 5.5 |
References
- http://marc.info/?l=bugtraq&m=103530131201191&w=2
- http://security.greymagic.com/adv/gm012-ie/
- http://www.ciac.org/ciac/bulletins/n-018.shtml
- http://www.iss.net/security_center/static/10435.php
- http://www.iss.net/security_center/static/10436.php
- http://www.iss.net/security_center/static/10437.php
- http://www.iss.net/security_center/static/10438.php
- http://www.iss.net/security_center/static/10439.php
- http://www.securityfocus.com/bid/6028ExploitPatchVendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-06
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10432
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://marc.info/?l=bugtraq&m=103530131201191&w=2
- http://security.greymagic.com/adv/gm012-ie/
FAQ
What is CVE-2002-1254?
CVE-2002-1254 is a vulnerability with a CVSS score of 7.5 (HIGH). Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached me...
How severe is CVE-2002-1254?
CVE-2002-1254 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1254?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie, Microsoft Internet Explorer.