Vulnerability Details CVE-2002-0385
Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.0%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2002-0385
-
cpe:2.3:a:vignette:storyserver:4.1
-
cpe:2.3:a:vignette:storyserver:6.0
-
cpe:2.3:a:vignette:vignette:5.0