SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

IE v5.5 Frames Cross-site Scripting Vulnerability

ID: oval:org.mitre.oval:def:225	Date: (C)2004-01-27 (M)2021-07-27
Class: VULNERABILITY	Family: windows

Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the or element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource.</p><table cellspacing='5' border='0' align='left' style='color:#08549C'><tr><td width='380px'><b>Platform:</b></td></tr><tr><td>Microsoft Windows 2000</td></tr></table><table cellspacing='5' border='0' style='color:#08549C'><tr><td width='415px'><b>Product:</b></td></tr><tr><td>Microsoft Internet Explorer</br></td></tr></table><table cellspacing='5' width="100%" border='0' style='color:#08549C'><tr><td width='640px' valign='top'><b>Reference:</b> </td></tr><tr><td><a href="javascript: openReference('http://www.scaprepo.com/view.jsp?id=CVE-2002-1187')">CVE-2002-1187</a></td></tr></table> </div> </td> </tr> </table> </div> <a href="control.jsp?command=relation&relationId=CVE-2002-1187&search=CVE-2002-1187" style="cursor:pointer;" onmouseOver="showIdsMouseOver('sub1')" onmouseOut="showIdsMouseOut('sub1')"> <div class='relation-div-small' id='sub1' style='left:45%;'> <font color="#08549C"> <table cellpadding="0" cellspacing="0" width="100%" border="0"> <tr> <td align="left"> <font color="#08549C"> <b>CVE</b> </font> <font color="#08549C" size=3> <b>   1</b> </font> </td> </tr> </table> <div id="idDiv1" style="text-overflow:ellipsis;overflow:hidden;width:120px;" > <font size=1> CVE-2002-1187<br/> </font> </div> </div> </a> <input id="idDivHidden1" name="idDivHidden1" type="hidden" value="CVE-2002-1187"> <div style="position:absolute;top:620px;left:540px;clear:both;"> <script> function footer(page){ window.open(page); } </script> <script src="/JavaScriptServlet" type="text/javascript"></script> <p style="clear:both;text-align:center;"> <center><p>© <script>document.write(new Date().getFullYear())</script> SecPod Technologies</p></center> </p> </div> </div> </body> </html>


30480



423868



253164



909



197077



282