Lucene search

[email protected]CVE-2002-0978

HistorySep 24, 2002 - 4:00 a.m.

CVE-2002-0978

2002-09-2404:00:00

[email protected]

web.nvd.nist.gov

microsoft

file transfer manager

ftm

activex

cve-2002-0978

remote attack

man-in-the-middle

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

51.3%

JSON

Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the “Persist” function.

Affected configurations

NVD

Node

microsoftfile_transfer_manager

CPENameOperatorVersion
microsoft:file_transfer_managermicrosoft file transfer managereq*

CPE	Name	Operator	Version
microsoft:file_transfer_manager	microsoft file transfer manager	eq	*

References

archives.neohapsis.com/archives/bugtraq/2002-08/0189.html

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

51.3%

JSON

Related for CVE-2002-0978

cvelist1 nvd1