CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0354

The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.6%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=102017952204097&w=2
http://marc.info/?l=ntbugtraq&m=102020343728766&w=2
http://marc.info/?l=bugtraq&m=102017952204097&w=2
http://marc.info/?l=ntbugtraq&m=102020343728766&w=2

Products affected by CVE-2002-0354

Mozilla » Mozilla » Version: 0.9.7

cpe:2.3:a:mozilla:mozilla:0.9.7
Mozilla » Mozilla » Version: 0.9.9

cpe:2.3:a:mozilla:mozilla:0.9.9
Mozilla » Mozilla » Version: 1.0

cpe:2.3:a:mozilla:mozilla:1.0
Netscape » Navigator » Version: 6.1

cpe:2.3:a:netscape:navigator:6.1
Netscape » Navigator » Version: 6.2

cpe:2.3:a:netscape:navigator:6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0354

Products

Pricing

Contact Us