CVE-2002-0862 in Windows情報

要約

〜によって MITRE

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

公開

2002年10月04日

モデレーション

承諾済み

エントリ

VDB-18814

CPE

準備完了

CWE

CWE-290 (確認済み)

エクスプロイト

ダウンロード

CVSS

7.5 (NVD)

EPSS

0.18675

KEV

いいえ

アクティビティ

非常低い

セクター

Homeoffice, Police, ...

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0862
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0862
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0862/

◂ 前概要次 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!