CVE-2002-0027
First published: Fri Mar 08 2002(Updated: )
Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Internet Explorer | =5.5 | |
| Internet Explorer | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-0027?
CVE-2002-0027 is considered a medium severity vulnerability due to its ability to allow unauthorized access to files.
How do I fix CVE-2002-0027?
To mitigate CVE-2002-0027, users should upgrade to a more recent version of Internet Explorer or apply any available security patches from Microsoft.
Which versions of Internet Explorer are affected by CVE-2002-0027?
CVE-2002-0027 affects Internet Explorer versions 5.5 and 6.0.
What kind of attacks can be performed using CVE-2002-0027?
Using CVE-2002-0027, attackers can read sensitive files and spoof the URL displayed in the address bar.
Is CVE-2002-0027 specific to certain operating systems?
CVE-2002-0027 is primarily a vulnerability found in the Internet Explorer browser, which can run on various Windows operating systems.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/internet explorer
- version/internet explorer/5.5
- version/internet explorer/6.0