CVE-2002-0787

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2002-0787
Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0068.html Patch Vendor Advisory
http://www.iss.net/security_center/static/9053.php Patch Vendor Advisory
http://www.securityfocus.com/bid/4717 Exploit Patch Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:critical_path:injoin_directory_server:4.0:*:*:*:*:*:*:*
Information

Published : 2002-08-11 21:00

Updated : 2008-09-05 13:28

NVD link : CVE-2002-0787

Mitre link : CVE-2002-0787

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

critical_path

  • injoin_directory_server