CVE-2002-0862 in Windows정보

요약

\~에 의해 MITRE

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

공개

2002. 10. 04.

모더레이션

수락

항목

VDB-18814

CPE

준비됨

CWE

CWE-290 (확인됨)

익스플로잇

다운로드

CVSS

7.5 (NVD)

EPSS

0.15760

KEV

아니요

활동

매우 낮음

부문

Lawfirm, Telecommunication, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0862
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0862
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0862/

◂ 이전 개요 다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!