Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2002-0815
HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0815

2002-08-1204:00:00
mitre
web.nvd.nist.gov
33
cve-2002-0815
same origin policy
sop
netscape
mozilla
internet explorer
http
soap
dns domain
document.domain

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

69.7%

JSON

The Javascript “Same Origin Policy” (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server’s parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.

Affected configurations

Nvd
Node
microsoftinternet_explorerMatch6.0.2900
OR
mozillamozilla
OR
netscapenavigator
VendorProductVersionCPE
microsoftinternet_explorer6.0.2900cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
mozillamozilla*cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*
netscapenavigator*cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*

Related

cvelist 1
nvd 1
cvelist
cvelist
CVE-2002-0815
2002-08-01 04:00:00
nvd
nvd
CVE-2002-0815
2002-08-12 04:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

69.7%

JSON
Related for CVE-2002-0815
cvelist1nvd1