| Vulnerability Name: | CVE-2002-2031 (CCN-7784) | ||||||||
| Assigned: | 2002-01-03 | ||||||||
| Published: | 2002-01-03 | ||||||||
| Updated: | 2021-07-23 | ||||||||
| Summary: | Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: BUGTRAQ Type: Exploit 20020103 Serious IE privacy issues Source: CCN Type: BugTraq Mailing List, Thu Jan 03 2002 - 06:08:31 CST Serious IE privacy issues Source: MITRE Type: CNA CVE-2002-2031 Source: XF Type: UNKNOWN ie-javascript-onerror(7784) Source: CCN Type: Microsoft Corporation Web site Internet Explorer Home Page Source: CCN Type: OSVDB ID: 3034 Microsoft IE JavaScript script src Local File Enumeration Source: BID Type: Exploit 3779 Source: CCN Type: BID-3779 Microsoft Internet Explorer JavaScript Local File Enumeration Vulnerability Source: XF Type: UNKNOWN ie-javascript-onerror(7784) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||