CVE-2002-2013

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.4:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:4.77:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*

History

20 Nov 2024, 23:42

Type Values Removed Values Added
References () http://alive.znep.com/~marcs/security/mozillacookie/demo.html - Exploit () http://alive.znep.com/~marcs/security/mozillacookie/demo.html - Exploit
References () http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html - Exploit () http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html - Exploit
References () http://www.iss.net/security_center/static/7973.php - Patch () http://www.iss.net/security_center/static/7973.php - Patch
References () http://www.securityfocus.com/bid/3925 - Patch () http://www.securityfocus.com/bid/3925 - Patch

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:42


NVD link : CVE-2002-2013

Mitre link : CVE-2002-2013

CVE.ORG link : CVE-2002-2013


JSON object : View

Products Affected

netscape

  • communicator
  • navigator

mozilla

  • mozilla