5
CVE-2002-2013
- EPSS 1.63%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netscape ≫ Communicator Version4.0
Netscape ≫ Communicator Version4.4
Netscape ≫ Communicator Version4.5
Netscape ≫ Communicator Version4.5_beta
Netscape ≫ Communicator Version4.06
Netscape ≫ Communicator Version4.6
Netscape ≫ Communicator Version4.07
Netscape ≫ Communicator Version4.7
Netscape ≫ Communicator Version4.08
Netscape ≫ Communicator Version4.51
Netscape ≫ Communicator Version4.61
Netscape ≫ Communicator Version4.72
Netscape ≫ Communicator Version4.73
Netscape ≫ Communicator Version4.74
Netscape ≫ Communicator Version4.75
Netscape ≫ Communicator Version4.76
Netscape ≫ Communicator Version4.77
Netscape ≫ Communicator Version4.78
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.63% | 0.731 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://alive.znep.com/~marcs/security/mozillacookie/demo.html
http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html
http://www.iss.net/security_center/static/7973.php
http://www.securityfocus.com/bid/3925