CVE-2002-1444

The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function.

CVSS v2.0 2.6 LOW

2.6^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:N/A:P

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://online.securityfocus.com/archive/1/287498	Exploit
http://www.sztolnia.pl/hack/googIE/googIE.html	Exploit
http://www.iss.net/security_center/static/9883.php
http://www.securityfocus.com/bid/5477	Exploit

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:internet_explorer:5.5:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6.0:::::::*
	cpe:2.3:a:google:toolbar:1.1.60:::::::*

Information

Published : 2002-08-14 21:00

Updated : 2021-07-23 05:55

NVD link : CVE-2002-1444

Mitre link : CVE-2002-1444

JSON object : View

CWE

NVD-CWE-Other

Products Affected

google

toolbar

microsoft

internet_explorer

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://online.securityfocus.com/archive/1/287498", "name": "20020815 IE [with Google Toolbar installed] crash", "tags": ["Exploit"], "refsource": "BUGTRAQ"}, {"url": "http://www.sztolnia.pl/hack/googIE/googIE.html", "name": "http://www.sztolnia.pl/hack/googIE/googIE.html", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://www.iss.net/security_center/static/9883.php", "name": "ie-google-toolbar-dos(9883)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/bid/5477", "name": "5477", "tags": ["Exploit"], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2002-1444", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2002-08-15T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:toolbar:1.1.60:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-07-23T12:55Z"}

2.6 /10