CVE-2002-1186
Published Dec 11, 2002
Last updated 3 years ago
Overview
- Description
- Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure."
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A04FEA6-37B0-44B0-844F-55652ABA1F85"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D56FB8E-2553-47C1-82A2-9E59023780CE"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8541EEED-94F4-42F8-9719-57F3EC85D52B"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783"
}
],
"operator": "OR"
}
]
}
]