Lucene search

[email protected]CVE-2002-1020

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1020

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

library feature

adobe content server 3.0

ebook

checkout

maximum loans

add to bookbag

security vulnerability

nvd

cve-2002-1020

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.3%

JSON

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the “Add to bookbag” feature when the server reports that no more copies are available.

Affected configurations

NVD

Node

adobeadobe_content_serverMatch3.0

CPENameOperatorVersion
adobe:adobe_content_serveradobe adobe content servereq3.0

CPE	Name	Operator	Version
adobe:adobe_content_server	adobe adobe content server	eq	3.0

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0020.html

marc.info/?l=vuln-dev&m=102649215618643&w=2

marc.info/?l=vuln-dev&m=102650064028760&w=2

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2002-1020

cvelist1 nvd1