CVE-2003-1265

Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html	Exploit Vendor Advisory
http://www.iss.net/security_center/static/10963.php
http://www.securityfocus.com/bid/6499
http://www.securitytracker.com/id?1005871
http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html	Exploit Vendor Advisory
http://www.iss.net/security_center/static/10963.php
http://www.securityfocus.com/bid/6499
http://www.securitytracker.com/id?1005871

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:mozilla:5.0:::::::*
	cpe:2.3:a:netscape:navigator:7.0:::::::*

History

20 Nov 2024, 23:46

Type	Values Removed	Values Added
References	~~() http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html - Exploit, Vendor Advisory~~	() http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html - Exploit, Vendor Advisory
References	~~() http://www.iss.net/security_center/static/10963.php -~~	() http://www.iss.net/security_center/static/10963.php -
References	~~() http://www.securityfocus.com/bid/6499 -~~	() http://www.securityfocus.com/bid/6499 -
References	~~() http://www.securitytracker.com/id?1005871 -~~	() http://www.securitytracker.com/id?1005871 -

Information

Published : 2003-12-31 05:00

Updated : 2024-11-20 23:46

NVD link : CVE-2003-1265

Mitre link : CVE-2003-1265

CVE.ORG link : CVE-2003-1265

JSON object : View

Products Affected

mozilla

mozilla

netscape

navigator

CWE

NVD-CWE-Other

{"id": "CVE-2003-1265", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-12-31T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/10963.php", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/6499", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1005871", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.iss.net/security_center/static/10963.php", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/6499", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1005871", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages."}], "lastModified": "2024-11-20T23:46:44.410", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:mozilla:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35FB74FC-4614-4325-9249-0DC887FD6C34"}, {"criteria": "cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30A0231A-B664-46C2-9602-B60EAD6AEC12"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}