CVE-2002-0648 Information
Description
The legacy script data-island capability for XML in Microsoft Internet Explorer 5.01 5.5 and 6.0 allows remote attackers to read arbitrary XML files and portions of other files via a URL whose \src\ attribute redirects to a local file.
Reference
http://marc.info/?l=bugtraq&m=103011639524314&w=2 http://www.iss.net/security_center/static/9936.php http://www.securityfocus.com/bid/5560 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1026 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1148 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1207 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A608 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A776
Share on: