CVE-2002-0500

Description

Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.

Related CPE's

Could not find any relations

References

ie-dynsrc-information-disclosure(8658)

PatchVendor Advisory

4371

ExploitVendor Advisory

20020326 Retrieving information on local files in IE (GM#003-IE)

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:P/I:N/A:N

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

PARTIAL

IntegrityImpact

NONE

AvailabilityImpact

NONE

BaseScore

5

Created by Yello
About Severity.io