Lucene search

[email protected]CVE-2002-1183

HistoryDec 11, 2002 - 5:00 a.m.

CVE-2002-1183

2002-12-1105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

microsoft

windows

certificate validation

security

vulnerability

code execution

identity spoofing

6.8 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.524 Medium

EPSS

Percentile

97.6%

JSON

Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka “New Variant of Certificate Validation Flaw Could Enable Identity Spoofing” (CAN-2002-0862).

CPENameOperatorVersion
microsoft:windows_ntmicrosoft windows nteq4.0
microsoft:windows_98semicrosoft windows 98seeq*
microsoft:windows_98microsoft windows 98eq*

CPE	Name	Operator	Version
microsoft:windows_nt	microsoft windows nt	eq	4.0
microsoft:windows_98se	microsoft windows 98se	eq	*
microsoft:windows_98	microsoft windows 98	eq	*

References

www.securityfocus.com/bid/5410

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050

exchange.xforce.ibmcloud.com/vulnerabilities/9776

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1059

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1455

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2108

6.8 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.524 Medium

EPSS

Percentile

97.6%

JSON

Related for CVE-2002-1183

openvas4 nessus1 cve2