Oval Definition:oval:org.mitre.oval:def:495
Revision Date:2014-02-24Version:43
Title:IE v5.5 Encoded Characters Information Disclosure Vulnerability
Description:Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2002-1186
Platform(s):Microsoft Windows 2000
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Internet Explorer 5.5 Installed
  • Internet Explorer 5.5 Installed
  • OR Internet Explorer 5.5 Installed
  • OR Internet Explorer 5.5 Installed
  • OR Internet Explorer 5.5 Service Pack 2 is installed
  • AND the version of mshtml.dll is less than 5.50.4922.900
  • AND NOT the patch q328970 is installed (Installed Components key)
  • AND NOT the patch q324929 is installed (Installed Components key)
  • AND NOT the patch q810847 is installed (Installed Components key)
  • AND NOT the patch q813489 is installed (Installed Components key)
  • AND NOT the patch q818529 is installed (Installed Components key)
  • AND NOT the patch q822925 is installed (Installed Components key)
  • AND NOT the patch q828750 is installed (Installed Components key)
  • AND NOT the patch q824145 is installed (Installed Components key)
    • BACK