CVE-2002-0385

Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vignette:storyserver:4.1:*:*:*:*:*:*:*
cpe:2.3:a:vignette:storyserver:6.0:*:*:*:*:*:*:*
cpe:2.3:a:vignette:vignette:5.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-06-01 04:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-0385

Mitre link : CVE-2002-0385

CVE.ORG link : CVE-2002-0385


JSON object : View

Products Affected

vignette

  • storyserver
  • vignette