Oval Definition:oval:org.mitre.oval:def:19
Revision Date:2014-02-24Version:48
Title:IE Cross-Site Scripting
Description:Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2002-0189
Platform(s):Microsoft Windows 2000
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • the version of mshtml.dll is less than 6.0.2716.2200
  • AND NOT the patch q321232 is installed (Installed Components key)
  • AND NOT the patch q323759 is installed (Installed Components key)
  • AND NOT the patch q328970 is installed (Installed Components key)
  • AND NOT the patch q324929 is installed (Installed Components key)
  • AND NOT the patch q810847 is installed (Installed Components key)
  • AND NOT the patch q813489 is installed (Installed Components key)
  • AND NOT the patch q818529 is installed (Installed Components key)
  • AND NOT the patch q822925 is installed (Installed Components key)
  • AND NOT the patch q828750 is installed (Installed Components key)
  • AND NOT the patch q824145 is installed (Installed Components key)
  • AND Windows 2000 Service Pack 4 (or later) is installed
  • Windows 2000 is installed
  • AND Win2K/XP/2003 service pack 4 (or later) is installed
  • AND Internet Explorer 6 is installed
    • BACK