Lucene search

MitreCVE-2002-1888

HistoryJun 28, 2005 - 4:00 a.m.

CVE-2002-1888

2005-06-2804:00:00

mitre

web.nvd.nist.gov

cve-2002-1888

commonname toolbar

unqualified domain name requests

name resolution

nvd

information security

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

21.1%

JSON

CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names.

Affected configurations

Nvd

Node

commonnamecommonname_toolbarMatch3.5.2.0

VendorProductVersionCPE
commonnamecommonname_toolbar3.5.2.0cpe:2.3:a:commonname:commonname_toolbar:3.5.2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
commonname	commonname_toolbar	3.5.2.0	cpe:2.3:a:commonname:commonname_toolbar:3.5.2.0:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-10/0043.html

www.iss.net/security_center/static/10293.php

www.securityfocus.com/bid/5878

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

21.1%

JSON

Related for CVE-2002-1888