Vulnerability Details CVE-2002-1183
Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.119
EPSS Ranking 93.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/5410
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9776
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1059
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1455
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2108
- http://www.securityfocus.com/bid/5410
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9776
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1059
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1455
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2108
Products affected by CVE-2002-1183
-
cpe:2.3:o:microsoft:windows_98:-
-
cpe:2.3:o:microsoft:windows_98se:-
-
cpe:2.3:o:microsoft:windows_nt:4.0