Oval Definition:	oval:org.mitre.oval:def:471
Revision Date: 2014-02-24 Version: 44 Title: IE v5.01 Encoded Characters Information Disclosure Vulnerability Description: Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2002-1186 Platform(s): Microsoft Windows 2000 Product(s): Microsoft Internet Explorer Definition Synopsis Internet Explorer 5.01 Installed Internet Explorer 5.01 Installed OR Internet Explorer 5.01 Installed OR Internet Explorer 5.01 Installed OR Internet Explorer 5.01 Installed OR Internet Explorer 5.01 Installed OR Internet Explorer 5.01 Installed OR Internet Explorer 5.01 Installed OR Internet Explorer 5.01 Service Pack 2 is installed AND File %windir%\system32\mshtml.dll version is less than 5.0.3510.1100 AND NOT the patch q328970 is installed (Installed Components key) AND NOT the patch q324929 is installed (Installed Components key) AND NOT the patch q810847 is installed (Installed Components key) AND NOT the patch q813489 is installed (Installed Components key) AND NOT the patch q818529 is installed (Installed Components key)
BACK