Lucene search

MitreCVE-2002-1795

HistoryJun 28, 2005 - 4:00 a.m.

CVE-2002-1795

2005-06-2804:00:00

mitre

web.nvd.nist.gov

cve-2002-1795

cross-site scripting

xss

microsoft

terminal services

activex

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.018

Percentile

88.3%

JSON

Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Affected configurations

Nvd

Node

microsofttsac_activex_control

VendorProductVersionCPE
microsofttsac_activex_control*cpe:2.3:a:microsoft:tsac_activex_control:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	tsac_activex_control	*	cpe:2.3:a:microsoft:tsac_activex_control::::::::

References

online.securityfocus.com/archive/1/294938

www.iss.net/security_center/static/10342.php

www.lac.co.jp/security/english/snsadv_e/56_e.html

www.securityfocus.com/bid/5952

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.018

Percentile

88.3%

JSON

Related for CVE-2002-1795