CVE-2002-2031

Internet Explorer <5.6 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-2031. PoCs published by Liu Die, Tom Micklovitch.

AI-analyzed exploit summary This is a vulnerability writeup describing an information disclosure flaw in Microsoft Internet Explorer where script code can determine the existence of local files via the onError event handler. The exploit leverages the 'file://' protocol to check for files on the client host.

Description

Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Liu Die · textremotewindows
https://www.exploit-db.com/exploits/21199

This is a vulnerability writeup describing an information disclosure flaw in Microsoft Internet Explorer where script code can determine the existence of local files via the onError event handler. The exploit leverages the 'file://' protocol to check for files on the client host.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Internet Explorer (versions affected in 2002)
No auth needed
Prerequisites: Victim must visit a malicious webpage · Script execution must be enabled in the browser
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Tom Micklovitch · htmlremotewindows
https://www.exploit-db.com/exploits/21198

This exploit leverages a vulnerability in Microsoft Internet Explorer where the onError event handler can determine the existence of local files via script inclusion. It attempts to include a local file (e.g., c:\autoexec.bat) and uses JavaScript event handlers to infer file existence based on error handling.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Internet Explorer (versions affected by CVE-2002-2031)
No auth needed
Prerequisites: Victim must visit a malicious webpage using a vulnerable version of Internet Explorer
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3779
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-01/0019.html
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/7784.php

Scores

EPSS 0.2051
EPSS Percentile 97.2%

Details

Status published
Products (4)
microsoft/internet_explorer 5.0
microsoft/internet_explorer 5.0.1 (3 CPE variants)
microsoft/internet_explorer 5.5 (2 CPE variants)
microsoft/internet_explorer 6.0
Published Dec 31, 2002
Tracked Since Feb 18, 2026