Vulnerability Details

ID: CVE-2002-2062

Last Modified: July 23, 2021

Open in new window

Description

Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL.

CVSS V2

Access Vector: Network

Access Complexity: Medium

Authentication: None

Confidentiality Impact: None

Integrity Impact: Partial

Availability Impact: None

Base Score: 4.3

Exploitability Score: 8.6

Impact Score: 2.9

CVSS V2: AV:N/AC:M/Au:N/C:N/I:P/A:N

Specialize CVSS-Score

CWE-ID

NVD-CWE-Other

Snort-Rules

['alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any ( msg:"BROWSER-IE Microsoft Internet Explorer FTP command injection attempt"; flow:to_client,established; file_data; content:"ftp|3A 2F 2F|",fast_pattern,nocase; pcre:"/ftp\\x3A\\x2F\\x2F((\\x22|\\x27)|%(25)?(22|27))(\\x3c|%(25)?3c)/i"; metadata:policy max-detect-ips drop; service:ftp-data,http,imap,pop3; reference:bugtraq,11826; reference:cve,2002-2062; reference:cve,2004-1166; reference:url,exploit-db.com/exploits/21515; classtype:attempted-user; sid:18300; rev:9; )\n']

Configuration

Condition		Configuration
OR
OR
	cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:::::: Part: a Product: internet_explorer Update: sp2 Vendor: microsoft Version: 5.5	Alle Schwachstellen für microsoft
	cpe:2.3:a:microsoft:internet_explorer:5.5:::::::* Part: a Product: internet_explorer Vendor: microsoft Version: 5.5	Alle Schwachstellen für microsoft
	cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:::::: Part: a Product: internet_explorer Update: sp1 Vendor: microsoft Version: 5.5	Alle Schwachstellen für microsoft
	cpe:2.3:a:microsoft:internet_explorer:6.0:::::::* Part: a Product: internet_explorer Vendor: microsoft Version: 6.0	Alle Schwachstellen für microsoft

Pre-Condition

                    <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="application" value="cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*"/>
        <prop key="application" value="cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*"/>
        <prop key="application" value="cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*"/>
        <prop key="application" value="cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*"/>
    </set>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="remote"/>
</set>

Post-Condition

                      <?xml version="1.0" ?>
<set operator="and">
    <prop key="target" value="host"/>
    <set operator="or">
        <prop key="program_influence" value="input"/>
        <prop key="program_influence" value="output"/>
        <prop key="program_influence" value="existence"/>
    </set>
    <prop key="data" value="any"/>
    <set operator="or">
        <prop key="data_influence" value="write"/>
        <prop key="data_influence" value="delete"/>
    </set>
    <set operator="or">
        <prop key="range" value="remote"/>
        <prop key="range" value="local"/>
    </set>
</set>

HPI-VDB — Database for IT-Attack Analysis