Information disclosure in Microsoft Ie

CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a…

Vulnerability class: Information Disclosure

EPSS: 0.144 (96.2th percentile) — read the EPSS interpretation.

Affected products

Microsoft Ie — versions 7.0.6000.16711, 8.0.7600.16385, 8.0b
Microsoft Internet_explorer — versions 3.0, 3.0.1, 3.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_MISC)