CVE-2002-1188

high

Description

Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A690

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A444

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066

http://www.securityfocus.com/bid/6217

http://www.iss.net/security_center/static/10665.php

http://www.ciac.org/ciac/bulletins/n-018.shtml

http://marc.info/?l=bugtraq&m=103184415307193&w=2

Details

Source: Mitre, NVD

Published: 2002-12-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.16205