← CVECheck
HomeVulnerabilities

CVE-2002-1217 — HIGH severity vulnerability (Cross-Frame scripting vulnerability in the WebBrowser contro)

Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions

CVE IDCVE-2002-1217
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2002-10-28
Last modified2026-04-16
DescriptionCross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →