CVE-2002-0148

Currently unrated

Key Information:

Vendor
Microsoft
Status
Internet Information Services
Internet Information Server
Vendor
CVE Published:
22 April 2002

Summary

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.

References

http://www.iss.net/security_center/static/8803.php
vdb-entryx_refsource_XF
http://www.osvdb.org/3339
vdb-entryx_refsource_OSVDB
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

40% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.