Netscape Navigator 7.0.2 Domain Cookie elévation de privilèges

entréeeditHistoryDiffjsonxmlCTI

Une vulnérabilité a été trouvé dans Netscape Navigator 7.0.2 (Web Browser) et classée problématique. Affecté par cette vulnérabilité est une fonction inconnue du composant Domain Handler. Il n'y a aucune information à propos de possibles contremesures connues. Il est suggéré de remplacer l'object infecté par un produit alternatif.

Domaine26/09/2014 17:1817/06/2018 09:38
titlewordCookieCookie
date1072828800 (31/12/2003)1072828800 (31/12/2003)
urlhttp://www.securityfocus.com/archive/1/319919http://www.securityfocus.com/archive/1/319919
person_nameLiu Die YuLiu Die Yu
person_nicknameDieyuDieyu
price_0day$0-$5k$0-$5k
cveCVE-2003-1492CVE-2003-1492
cve_assigned11931840001193184000
cve_nvd_published10728288001072828800
cve_nvd_summaryNetscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
securityfocus74567456
securityfocus_date1051574400 (29/04/2003)1051574400 (29/04/2003)
securityfocus_classOrigin Validation ErrorOrigin Validation Error
securityfocus_titleNetscape Navigator Directory Cross-Domain Scripting VulnerabilityNetscape Navigator Directory Cross-Domain Scripting Vulnerability
xforce1192411924
xforce_titleNetscape and Mozilla could allow an attacker to obtain information from other domainsNetscape and Mozilla could allow an attacker to obtain information from other domains
xforce_identifiernetscape-domain-obtain-infonetscape-domain-obtain-info
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlUU
cvss2_vuldb_rcURUR
cvss3_vuldb_eXX
cvss3_vuldb_rlUU
cvss3_vuldb_rcRR
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
typeWeb BrowserWeb Browser
vendorNetscapeNetscape
nameNavigatorNavigator
version7.0.27.0.2
componentDomain HandlerDomain Handler
cwe59 (elévation de privilèges)59 (elévation de privilèges)
risk11
cvss2_vuldb_basescore5.05.0
cvss2_vuldb_tempscore4.84.8
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss3_meta_basescore5.35.3
cvss3_meta_tempscore5.15.1
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.15.1
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciN
cvss2_nvd_iiP
cvss2_nvd_aiN

Interested in the pricing of exploits?

See the underground prices here!