Lucene search

[email protected]CVE-2002-1888

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1888

2022-10-0316:23:46

[email protected]

web.nvd.nist.gov

cve-2002-1888

commonname toolbar

unqualified domain name requests

name resolution

nvd

information security

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.3%

JSON

CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names.

Affected configurations

NVD

Node

commonnamecommonname_toolbarMatch3.5.2.0

CPENameOperatorVersion
commonname:commonname_toolbarcommonname commonname toolbareq3.5.2.0

CPE	Name	Operator	Version
commonname:commonname_toolbar	commonname commonname toolbar	eq	3.5.2.0

References

archives.neohapsis.com/archives/bugtraq/2002-10/0043.html

www.iss.net/security_center/static/10293.php

www.securityfocus.com/bid/5878

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.3%

JSON

Related for CVE-2002-1888

nvd1 cvelist1