VDB

GCVE-110-CERTCC-2002-244729

GCVE-110-CERTCC-2002-244729
Advisory Published
Vulnetix · Advisory published December 3, 2002
A vulnerability in the way Microsoft Internet Explorer (IE) handles window ornament parameters in dialog frames allows script from a dialog frame in one domain to execute in a different domain, including the Local Machine Zone. The script could read certain local files and data (i.e. cookies) from other web sites. In the presence of other vulnerabilities (VU#626395, VU#25249), the script could execute arbitrary commands.

Risk Scores

certcc-cam
certcc-cam
impact7population17exploitation0widely_known19score_current16.734375ease_of_exploitation15

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›