| Vulnerability Name: | CVE-2002-2062 (CCN-9290) | ||||||||
| Assigned: | 2002-06-06 | ||||||||
| Published: | 2002-06-06 | ||||||||
| Updated: | 2021-07-23 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: BUGTRAQ Type: Exploit, Vendor Advisory 20020606 Microsoft Internet Explorer Source: CCN Type: BugTraq Mailing List, Thu Jun 06 2002 - 10:33:44 CDT Microsoft Internet Explorer 'Folder View for FTP sites' Script Execution vulnerability Source: CCN Type: BugTraq Mailing List, Thu Jun 06 2002 - 16:55:53 CDT RE: Microsoft Internet Explorer 'Folder View for FTP sites' Script Execution vulnerability Source: MITRE Type: CNA CVE-2002-2062 Source: MISC Type: Exploit, Vendor Advisory http://www.geocities.co.jp/SiliconValley/1667/advisory02e.html Source: XF Type: UNKNOWN ie-ftp-name-xss(9290) Source: CCN Type: OSVDB ID: 3049 Microsoft IE ftp.htt FTP Web View URL XSS Source: BID Type: Exploit 4954 Source: CCN Type: BID-4954 Microsoft Internet Explorer FTP Web View Cross Site Scripting Vulnerability Source: XF Type: UNKNOWN ie-ftp-name-xss(9290) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||