Lucene search

MitreCVE-2002-1020

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1020

2002-10-0404:00:00

mitre

web.nvd.nist.gov

library feature

adobe content server 3.0

ebook

checkout

maximum loans

add to bookbag

security vulnerability

nvd

cve-2002-1020

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.005

Percentile

75.3%

JSON

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the “Add to bookbag” feature when the server reports that no more copies are available.

Affected configurations

Nvd

Node

adobeadobe_content_serverMatch3.0

VendorProductVersionCPE
adobeadobe_content_server3.0cpe:2.3:a:adobe:adobe_content_server:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	adobe_content_server	3.0	cpe:2.3:a:adobe:adobe_content_server:3.0:::::::*

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0020.html

marc.info/?l=vuln-dev&m=102649215618643&w=2

marc.info/?l=vuln-dev&m=102650064028760&w=2

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.005

Percentile

75.3%

JSON

Related for CVE-2002-1020