CVE-2002-2013

Published Dec 31, 2002

Last updated 16 years ago

CVSS info 5.0

Overview

Description: Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Vendor comments

Red HatNot vulnerable. This issue did not affect the versions of Mozilla as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22F00276-9071-4B96-B49C-2E0898476874"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB84CC9B-346B-4AF4-929E-D56D85960103"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9420CD82-0E5F-4486-9AF8-9DCD6ED7E037"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A9C79AB-4ABE-49E6-BAB2-94610AE0316F"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04DE7CCB-79B8-4F9B-AC14-E4A100F9E473"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1444C77E-FF98-40E5-9CA9-B4C71B3C9304"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B40771F-30CB-45D0-9EDE-1F13852085B1"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B711600-425F-4FF9-BC5E-B8D182A2B9F1"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8"
          },
          {
            "criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7"
          },
          {
            "criteria": "cpe:2.3:a:netscape:navigator:4.77:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA4FBB90-8A52-41B4-B08A-53A86CF56898"
          },
          {
            "criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51"
          },
          {
            "criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371"
          },
          {
            "criteria": "cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F112CED-879B-4A19-993A-16858B4EC16C"
          },
          {
            "criteria": "cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7D7FA24-4B6F-4D67-95BE-46819033CA6F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References