Vulnerability Description
The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 5.5 |
References
- http://online.securityfocus.com/archive/1/267561
- http://www.securityfocus.com/bid/4505Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8844
- http://online.securityfocus.com/archive/1/267561
- http://www.securityfocus.com/bid/4505Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8844
FAQ
What is CVE-2002-1688?
CVE-2002-1688 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by inject...
How severe is CVE-2002-1688?
CVE-2002-1688 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1688?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.