• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20020420 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20061101)
Votes (Legacy)
ACCEPT(5) Armstrong, Baker, Cole, Foat, Wall
MODIFY(1) Frech
NOOP(1) Cox
REVIEWING(1) Christey
Comments (Legacy)
 Christey> NOTE: As of 5/20/2002, there is a lack of clarity regarding
   the details of this vulnerability and other vulnerabilities
   being reported by GreyMagic and Thor Larholm.  Additional
   details will be added to this candidate if/when they become
   available.  This candidate is solely for the issue that is
   being addressed by Microsoft in MS:MS02-023.  Its relationship
   with other reported issues is currently unproven.
   This candidate is subject to CD:VAGUE.
 Christey> XF:ie-dialog-window-css(8868)
 Frech> XF:ie-dialog-window-css(8868)
 Baker> I agree some of the information appears vague, but seems to be legitimate.

Proposed (Legacy)
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.