Lucene search

[email protected]CVE-2002-1795

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1795

2022-10-0316:23:46

[email protected]

web.nvd.nist.gov

cve-2002-1795

cross-site scripting

xss

microsoft

terminal services

activex

vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.042 Low

EPSS

Percentile

92.3%

JSON

Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Affected configurations

NVD

Node

microsofttsac_activex_control

CPENameOperatorVersion
microsoft:tsac_activex_controlmicrosoft tsac activex controleq*

CPE	Name	Operator	Version
microsoft:tsac_activex_control	microsoft tsac activex control	eq	*

References

online.securityfocus.com/archive/1/294938

www.iss.net/security_center/static/10342.php

www.lac.co.jp/security/english/snsadv_e/56_e.html

www.securityfocus.com/bid/5952

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.042 Low

EPSS

Percentile

92.3%

JSON

Related for CVE-2002-1795

nvd1 cvelist1