CVE-2002-1152

EPSS 0.91%
Published 11.10.2002 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Kde ≫ Kde Version3.0

Kde ≫ Kde Version3.0.1

Kde ≫ Kde Version3.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.91%	0.737

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.redhat.com/support/errata/RHSA-2002-220.html

http://marc.info/?l=bugtraq&m=103175827225044&w=2

http://www.iss.net/security_center/static/10083.php

Vendor Advisory

http://www.kde.org/info/security/advisory-20020908-1.txt

http://www.securityfocus.com/bid/5691

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2002-1152

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-1152

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-1152

EUVD