ID

VAR-200212-0006


CVE

CVE-2002-1183


TITLE

Microsoft Vulnerability in arbitrary code execution in product digital certificate authentication process

Trust: 0.8

sources: JVNDB: JVNDB-2002-000177

DESCRIPTION

Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862). ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Micrisoft Internet Explorer (IE) Has implemented SSL as well as Microsoft Outlook Express S/MIME Has a flaw in handling certificates. IE as well as Outlook S/MIME Then, the intermediate certificate authority ( Middle CA) Because it does not check the validity of the domain, it accepts a domain certificate created by a malicious user as normal. Usually an intermediate certificate is Basic Constraints In the extension field, it is described whether you have the authority to sign other certificate authorities. IE as well as Outlook S/MIME In the implementation of this Basic Constraints The extended area is not checked sufficiently. If the root certificate authority can be trusted, it will trust the certificate. for that reason, IE as well as Outlook S/MIME Accepts certificates from any domain signed with a bad certificate created by a malicious user as normal. By exploiting this problem, an attacker can intercept and steal encrypted information, or spoof. Microsoft Windows 2000 SP4 After applying Internet Exploer 6.0 SP1 Vendors have reported that they are affected by this issue. Eliminate this problem Windows 2000 SP4 Patch for (KB329115) But 2003 Year 11 Moon 11 Released by date.Please refer to the “Overview” for the impact of this vulnerability. A flaw has been reported in the handling of X.509 certificates by a number of products, including several web browsers. It may be possible for a malicious party to create certificates for arbitrary domains, which will be treated as trusted by the vulnerable browser. This vulnerability was originally reported in Microsoft's Internet Explorer web browser. Reports state that IIS 5.0 under Windows 2000 is also vulnerable. In this case, client certificate chains are not properly verified. Attackers may exploit this vulnerability to bypass some authentication schemes. This vulnerability also exists in some versions of KDE and the included Konqueror web browser. Versions 3.0.2 and earlier are vulnerable. ** A report suggests that the patch issued by Microsoft may not fully protect against this vulnerability. It may be possible that a malicious site using an invalid certificate may mislead users into believing that a certificate is expired rather than being invalid. ** UPDATE 11/11/03 - Microsoft has updated their bulletin for this issue. Users who installed Internet Explorer 6 after installing Windows 2000 Service Pack 4 may have reintroduced this issue onto their systems. A new patch is available for users who installed Internet Explorer 6 on Windows 2000 SP4 systems

Trust: 1.89

sources: NVD: CVE-2002-1183 // JVNDB: JVNDB-2002-000177 // BID: 5410

AFFECTED PRODUCTS

vendor:microsoftmodel:windows ntscope:eqversion:4.0

Trust: 1.9

vendor:microsoftmodel:windows 98sescope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:windows 98scope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:windows 98sescope: - version: -

Trust: 0.9

vendor:microsoftmodel:windows 9xscope:eqversion:98

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:98 scd

Trust: 0.8

vendor:microsoftmodel:windows ntscope:eqversion:4.0 (server)

Trust: 0.8

vendor:microsoftmodel:windows ntscope:eqversion:4.0 (terminal_srv)

Trust: 0.8

vendor:microsoftmodel:windows 98scope:eqversion:gold

Trust: 0.6

vendor:microsoftmodel:windows xp professional sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp professionalscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp home sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp homescope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit edition sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit editionscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xpscope:eqversion:0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp6ascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstationscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal serverscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp6ascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt serverscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp6ascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise serverscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp6a alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp6ascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp6 alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp5 alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp4 alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp3 alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp2 alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp1 alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows mescope: - version: -

Trust: 0.3

vendor:microsoftmodel:windowsscope:eqversion:98

Trust: 0.3

vendor:microsoftmodel:windows terminal services sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows terminal services sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows terminal services sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows terminal servicesscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professionalscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter serverscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced serverscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:outlook express for macosscope:eqversion:5.0.3

Trust: 0.3

vendor:microsoftmodel:outlook express for macosscope:eqversion:5.0.2

Trust: 0.3

vendor:microsoftmodel:outlook express for macosscope:eqversion:5.0.1

Trust: 0.3

vendor:microsoftmodel:outlook express for macosscope:eqversion:5.0

Trust: 0.3

vendor:microsoftmodel:outlook express for macosscope:eqversion:4.5

Trust: 0.3

vendor:microsoftmodel:outlook expressscope:eqversion:5.0

Trust: 0.3

vendor:microsoftmodel:officescope:eqversion:v.x

Trust: 0.3

vendor:microsoftmodel:office for macscope:eqversion:98

Trust: 0.3

vendor:microsoftmodel:office for macintosh sr1scope:eqversion:2001

Trust: 0.3

vendor:microsoftmodel:office for macintoshscope:eqversion:2001

Trust: 0.3

vendor:microsoftmodel:internet explorer sp2scope:eqversion:5.0.1

Trust: 0.3

vendor:microsoftmodel:internet explorer sp1scope:eqversion:5.0.1

Trust: 0.3

vendor:microsoftmodel:internet explorerscope:eqversion:5.0.1

Trust: 0.3

vendor:microsoftmodel:internet explorerscope:eqversion:6.0

Trust: 0.3

vendor:microsoftmodel:internet explorer sp2scope:eqversion:5.5

Trust: 0.3

vendor:microsoftmodel:internet explorer sp1scope:eqversion:5.5

Trust: 0.3

vendor:microsoftmodel:internet explorerscope:eqversion:5.5

Trust: 0.3

vendor:microsoftmodel:internet explorer for windowsscope:eqversion:5.02000

Trust: 0.3

vendor:microsoftmodel:internet explorerscope:eqversion:5.0

Trust: 0.3

vendor:microsoftmodel:iisscope:eqversion:5.0

Trust: 0.3

vendor:kdemodel:konquerorscope:eqversion:3.0.2

Trust: 0.3

vendor:kdemodel:konquerorscope:eqversion:3.0.1

Trust: 0.3

vendor:kdemodel:konquerorscope:eqversion:3.0

Trust: 0.3

vendor:kdemodel:konquerorscope:eqversion:2.2.2

Trust: 0.3

vendor:kdemodel:kdescope:eqversion:3.0.2

Trust: 0.3

vendor:kdemodel:kdescope:eqversion:3.0.1

Trust: 0.3

vendor:kdemodel:kdescope:eqversion:3.0

Trust: 0.3

vendor:kdemodel:kdescope:eqversion:2.2.2

Trust: 0.3

vendor:kdemodel:kdescope:eqversion:2.2.1

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:7.0.0.11

Trust: 0.3

vendor:beamodel:systems weblogic server for win32scope:eqversion:7.0.0.1

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:7.01

Trust: 0.3

vendor:beamodel:systems weblogic server for win32scope:eqversion:7.0

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:6.14

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:6.13

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:6.12

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:6.11

Trust: 0.3

vendor:beamodel:systems weblogic server for win32scope:eqversion:6.1

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.19

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.18

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.17

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.16

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.15

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.14

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.13

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.12

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.113

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.112

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.111

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.110

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:eqversion:5.11

Trust: 0.3

vendor:beamodel:systems weblogic server for win32scope:eqversion:5.1

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:7.0.0.11

Trust: 0.3

vendor:beamodel:systems weblogic serverscope:eqversion:7.0.0.1

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:7.03

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:7.01

Trust: 0.3

vendor:beamodel:systems weblogic serverscope:eqversion:7.0

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:6.14

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:6.13

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:6.12

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:6.11

Trust: 0.3

vendor:beamodel:systems weblogic serverscope:eqversion:6.1

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.19

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.18

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.17

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.16

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.15

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.14

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.13

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.12

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.113

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.112

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.111

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.110

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:eqversion:5.11

Trust: 0.3

vendor:beamodel:systems weblogic serverscope:eqversion:5.1

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:7.0.0.11

Trust: 0.3

vendor:beamodel:systems weblogic express for win32scope:eqversion:7.0.0.1

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:7.01

Trust: 0.3

vendor:beamodel:systems weblogic express for win32scope:eqversion:7.0

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:6.14

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:6.13

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:6.12

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:6.11

Trust: 0.3

vendor:beamodel:systems weblogic express for win32scope:eqversion:6.1

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.19

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.18

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.17

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.16

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.15

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.14

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.13

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.12

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.113

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.112

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.111

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.110

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:eqversion:5.11

Trust: 0.3

vendor:beamodel:systems weblogic express for win32scope:eqversion:5.1

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:7.0.0.11

Trust: 0.3

vendor:beamodel:systems weblogic expressscope:eqversion:7.0.0.1

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:7.03

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:7.01

Trust: 0.3

vendor:beamodel:systems weblogic expressscope:eqversion:7.0

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:6.14

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:6.13

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:6.12

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:6.11

Trust: 0.3

vendor:beamodel:systems weblogic expressscope:eqversion:6.1

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.19

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.18

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.17

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.16

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.15

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.14

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.13

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.12

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.113

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.112

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.111

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.110

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:eqversion:5.11

Trust: 0.3

vendor:beamodel:systems weblogic expressscope:eqversion:5.1

Trust: 0.3

vendor:beamodel:systems weblogic enterprise spscope:eqversion:5.110

Trust: 0.3

vendor:beamodel:systems weblogic enterprisescope:eqversion:5.1

Trust: 0.3

vendor:beamodel:systems weblogic enterprisescope:eqversion:5.0.1

Trust: 0.3

vendor:beamodel:systems tuxedoscope:eqversion:8.1

Trust: 0.3

vendor:beamodel:systems tuxedoscope:eqversion:8.0

Trust: 0.3

vendor:baltimoremodel:mailsecurescope: - version: -

Trust: 0.3

vendor:adammodel:megacz tinysslscope:eqversion:1.0.2

Trust: 0.3

vendor:kdemodel:konquerorscope:neversion:3.0.3

Trust: 0.3

vendor:kdemodel:kdescope:neversion:3.0.3

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:neversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:neversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic server for win32 spscope:neversion:6.15

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:neversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:neversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic server spscope:neversion:6.15

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:neversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:neversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic express for win32 spscope:neversion:6.15

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:neversion:7.0.0.12

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:neversion:7.02

Trust: 0.3

vendor:beamodel:systems weblogic express spscope:neversion:6.15

Trust: 0.3

vendor:adammodel:megacz tinysslscope:neversion:1.0.3

Trust: 0.3

sources: BID: 5410 // JVNDB: JVNDB-2002-000177 // CNNVD: CNNVD-200212-021 // NVD: CVE-2002-1183

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1183
value: HIGH

Trust: 1.0

NVD: CVE-2002-1183
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200212-021
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2002-1183
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2002-000177 // CNNVD: CNNVD-200212-021 // NVD: CVE-2002-1183

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1183

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-021

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200212-021

CONFIGURATIONS

sources: JVNDB: JVNDB-2002-000177

PATCH

title:MS02-050url:http://www.microsoft.com/technet/security/bulletin/MS02-050.asp

Trust: 0.8

title:MS02-050url:http://www.microsoft.com/japan/technet/security/bulletin/MS02-050.mspx

Trust: 0.8

sources: JVNDB: JVNDB-2002-000177

EXTERNAL IDS

db:NVDid:CVE-2002-1183

Trust: 2.7

db:BIDid:5410

Trust: 2.7

db:JVNDBid:JVNDB-2002-000177

Trust: 0.8

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:1455

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:2108

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:1059

Trust: 0.6

db:MSid:MS02-050

Trust: 0.6

db:XFid:9776

Trust: 0.6

db:CNNVDid:CNNVD-200212-021

Trust: 0.6

sources: BID: 5410 // JVNDB: JVNDB-2002-000177 // CNNVD: CNNVD-200212-021 // NVD: CVE-2002-1183

REFERENCES

url:http://www.securityfocus.com/bid/5410

Trust: 3.4

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050

Trust: 2.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/9776

Trust: 2.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1059

Trust: 2.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1455

Trust: 2.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2108

Trust: 2.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1183

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1183

Trust: 0.8

url:http://www.microsoft.com/technet/security/bulletin/ms02-050.asp

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/9776

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2108

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1455

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1059

Trust: 0.6

url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/iarwsv.asp

Trust: 0.3

url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-050.asp

Trust: 0.3

url:http://www.computerworld.com/securitytopics/security/holes/story/0,10801,73507,00.html

Trust: 0.3

url:http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/bea03-31.jsp

Trust: 0.3

url:http://www.info.apple.com/usen/security/security_updates.html

Trust: 0.3

url:/archive/1/307885

Trust: 0.3

sources: BID: 5410 // JVNDB: JVNDB-2002-000177 // CNNVD: CNNVD-200212-021 // NVD: CVE-2002-1183

CREDITS

Reported by Mike Benham <moxie@thoughtcrime.org>.

Trust: 0.3

sources: BID: 5410

SOURCES

db:BIDid:5410
db:JVNDBid:JVNDB-2002-000177
db:CNNVDid:CNNVD-200212-021
db:NVDid:CVE-2002-1183

LAST UPDATE DATE

2024-11-22T22:54:15.889000+00:00


SOURCES UPDATE DATE

db:BIDid:5410date:2009-07-11T14:56:00
db:JVNDBid:JVNDB-2002-000177date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200212-021date:2005-10-12T00:00:00
db:NVDid:CVE-2002-1183date:2024-11-20T23:40:46.207

SOURCES RELEASE DATE

db:BIDid:5410date:2002-08-06T00:00:00
db:JVNDBid:JVNDB-2002-000177date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200212-021date:2002-12-11T00:00:00
db:NVDid:CVE-2002-1183date:2002-12-11T05:00:00