CVE-2002-1188 | Vulnerability Database | Aqua Security

Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka Temporary Internet Files folders Name Reading.

Affected Software

Name	Vendor	Start Version	End Version
Internet_explorer	Microsoft	5.0.1 (including)	5.0.1 (including)
Internet_explorer	Microsoft	5.0.1-sp1 (including)	5.0.1-sp1 (including)
Internet_explorer	Microsoft	5.0.1-sp2 (including)	5.0.1-sp2 (including)
Internet_explorer	Microsoft	5.5 (including)	5.5 (including)
Internet_explorer	Microsoft	5.5-sp1 (including)	5.5-sp1 (including)
Internet_explorer	Microsoft	5.5-sp2 (including)	5.5-sp2 (including)
Internet_explorer	Microsoft	6.0 (including)	6.0 (including)

References

http://marc.info/?l=bugtraq\u0026m=103184415307193\u0026w=2
http://www.ciac.org/ciac/bulletins/n-018.shtml
http://www.iss.net/security_center/static/10665.php
http://www.securityfocus.com/bid/6217
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A444
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A690

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1188
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html