CVE-2002-1187 Information

Description

Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the frame or iframe element and javascript aka \Frames Cross Site Scripting\ as demonstrated using the PrivacyPolicy.dlg resource.

Reference

http://marc.info/?l=bugtraq&m=103158601431054&w=2 http://www.iss.net/security_center/static/10066.php http://www.osvdb.org/2998 http://www.securityfocus.com/bid/5672 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A203 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A225