Vulnerabilities > CVE-2002-2013

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

mozilla

netscape

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Mozilla 0.9.2 Mozilla Mozilla 0.9.2.1 Mozilla Mozilla 0.9.3 Mozilla Mozilla 0.9.4 Mozilla Mozilla 0.9.4.1 Mozilla Mozilla 0.9.5 Mozilla Mozilla 0.9.6	7
Application	Netscape Netscape Communicator 4.0 Netscape Communicator 4.4 Netscape Communicator 4.5 Netscape Communicator 4.5_Beta Netscape Communicator 4.06 Netscape Communicator 4.6 Netscape Communicator 4.07 Netscape Communicator 4.7 Netscape Communicator 4.08 Netscape Communicator 4.51 Netscape Communicator 4.61 Netscape Communicator 4.72 Netscape Communicator 4.73 Netscape Communicator 4.74 Netscape Communicator 4.75 Netscape Communicator 4.76 Netscape Communicator 4.77 Netscape Communicator 4.78 Netscape Navigator 4.77 Netscape Navigator 6.0 Netscape Navigator 6.01 Netscape Navigator 6.1 Netscape Navigator 6.2	23

Statements

contributor	Mark J Cox
lastmodified	2006-08-30
organization	Red Hat
statement	Not vulnerable. This issue did not affect the versions of Mozilla as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.

Vulnerabilities > CVE-2002-2013 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2002-2013"}]}

Summary

Vulnerable Configurations

Statements

References

Vulnerabilities > CVE-2002-2013