漏洞信息详情
Microsoft Internet Explorer安全漏洞
- CNNVD编号:CNNVD-200205-092
- 危害等级: 高危
- CVE编号: CVE-2002-0190
- 漏洞类型: 其他
- 发布时间: 2002-05-29
- 威胁类型: 远程
- 更新时间: 2021-07-27
- 厂 商: microsoft
- 漏洞来源: www.instisec.com
漏洞简介
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。
Microsoft Internet Explorer是一款微软开发的流行的WEB浏览器。Microsoft Internet Explorer存在设计漏洞,可导致远程攻击者以受信任区域欺骗用户IE来打开页面内容。Microsoft Internet Explorer在处理使用NETBiOS协议访问站点的情况下存在缺陷,攻击者可以构建恶意WEB页面,并诱使用户访问此页面,导致此页面在Intranet域或者少数情况下以受信任区域的安全环境下打开,造成以较高的权限执行嵌入在页面中的任意代码。
漏洞公告
临时解决方法:
如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
* 设置IE浏览器,点击菜单工具->Internet选项->安全->自定义级别,在文件下载上选择禁用。
厂商补丁:
Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS02-023)以及相应补丁:
MS02-023:15 May 2002 Cumulative Patch for Internet Explorer (Q321232)
链接:
http://www.microsoft.com/technet/security/bulletin/MS02-023.asp" target="_blank">
http://www.microsoft.com/technet/security/bulletin/MS02-023.asp
补丁下载:
Microsoft Internet Explorer 5.0 1:
Microsoft Internet Explorer 5.0.1 SP2:
Microsoft Patch q321232
http://download.microsoft.com/download/ie501sp2/secpac27/5.01_sp2/NT45/EN-US/q321232.exe" target="_blank">
http://download.microsoft.com/download/ie501sp2/secpac27/5.01_sp2/NT45/EN-US/q321232.exe
Windows NT and Windows 2000
Microsoft Internet Explorer 5.0.1 SP1:
Microsoft Internet Explorer 5.5 SP2:
Microsoft Patch q321232
http://download.microsoft.com/download/ie55sp2/secpac27/5.5_sp2/W98NT42KMe/EN-US/q321232.exe" target="_blank">
http://download.microsoft.com/download/ie55sp2/secpac27/5.5_sp2/W98NT42KMe/EN-US/q321232.exe
Microsoft Internet Explorer 5.5 SP1:
Microsoft Patch q321232
http://download.microsoft.com/download/ie55sp1/secpac27/5.5_sp1/W98NT42KMe/EN-US/q321232.exe" target="_blank">
http://download.microsoft.com/download/ie55sp1/secpac27/5.5_sp1/W98NT42KMe/EN-US/q321232.exe
Microsoft Internet Explorer 5.5:
Microsoft Internet Explorer 6.0:
Microsoft Patch q321232
http://download.microsoft.com/download/IE60/secpac27/6/W98NT42KMeXP/EN-US/q321232.exe" target="_blank">
http://download.microsoft.com/download/IE60/secpac27/6/W98NT42KMeXP/EN-US/q321232.exe
参考网址
来源:BID
链接:https://www.securityfocus.com/bid/4753
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A923
来源:XF
链接:http://www.iss.net/security_center/static/9084.php
来源:CERT-VN
链接:http://www.kb.cert.org/vuls/id/242891
来源:MS
链接:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023
受影响实体
- Microsoft Ie:5.01
- Microsoft Ie:5.01:Sp1
- Microsoft Ie:5.01:Sp2
- Microsoft Ie:5.5
- Microsoft Ie:5.5:Sp1
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论