Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2002-0057
HistoryMar 08, 2002 - 5:00 a.m.

CVE-2002-0057

2002-03-0805:00:00
[email protected]
web.nvd.nist.gov
5

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.028

Percentile

90.6%

JSON

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.

Affected configurations

Nvd
Node
microsoftinternet_explorerMatch6.0
OR
microsoftsql_serverMatch2000
OR
microsoftsql_serverMatch2000sp1
OR
microsoftsql_serverMatch2000sp2
OR
microsoftxml_core_servicesMatch2.6
OR
microsoftxml_core_servicesMatch3.0
OR
microsoftxml_core_servicesMatch4.0
Node
microsoftwindows_xphome
OR
microsoftwindows_xpgoldprofessional
VendorProductVersionCPE
microsoftinternet_explorer6.0cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
microsoftsql_server2000cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*
microsoftsql_server2000cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:*
microsoftsql_server2000cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:*
microsoftxml_core_services2.6cpe:2.3:a:microsoft:xml_core_services:2.6:*:*:*:*:*:*:*
microsoftxml_core_services3.0cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*
microsoftxml_core_services4.0cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*

Related

nessus 2
openvas 2
cert 1
cve 1
cvelist 1
nessus
nessus
MS02-005: MSIE 5.01 5.5 6.0 Cumulative Patch (890923)
2002-02-13 00:00:00
MS02-008: XML Core Services patch (318203)
2002-02-24 00:00:00
openvas
openvas
XML Core Services patch (Q318203)
2005-11-03 00:00:00
XML Core Services patch (Q318203)
2005-11-03 00:00:00
cert
cert
Microsoft Windows XMLHTTP component allows remote access to local data sources
2002-10-01 00:00:00
cve
cve
CVE-2002-0057
2002-06-25 04:00:00
cvelist
cvelist
CVE-2002-0057
2002-06-25 04:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.028

Percentile

90.6%

JSON
Related for NVD:CVE-2002-0057
nessus2openvas2cert1cve1cvelist1