Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2002-0077

Published: Jan 13, 2002 | Modified: Jul 23, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2002-0077
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the Local Executable Invocation via Object tag vulnerability.

Affected Software

Name Vendor Start Version End Version
Internet_explorer Microsoft 5.0.1-sp1 (including) 5.0.1-sp1 (including)
Internet_explorer Microsoft 5.0.1-sp2 (including) 5.0.1-sp2 (including)
Internet_explorer Microsoft 5.5 (including) 5.5 (including)
Internet_explorer Microsoft 5.5-sp1 (including) 5.5-sp1 (including)
Internet_explorer Microsoft 5.5-sp2 (including) 5.5-sp2 (including)
Internet_explorer Microsoft 6.0 (including) 6.0 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use