PT-2002-2782 · Microsoft · Windows 2000+1

Published

2002-12-31

Updated

2021-07-23

CVE-2002-2062

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Internet Explorer versions 5.5 through 6.0

Description A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL, when "Enable folder view for FTP sites" and "Enable Web content in folders" are selected on Windows 2000.

Recommendations For Internet Explorer versions 5.5 through 6.0, consider disabling the "Enable folder view for FTP sites" and "Enable Web content in folders" options to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-2062

Affected Products

Internet Explorer

Windows 2000

PT-2002-2782 · Microsoft · Windows 2000+1

CVE-2002-2062

Related Identifiers

Affected Products

References · 6