CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2125

Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.6%

CVSS Severity

CVSS v2 Score 6.4

References

http://www.iss.net/security_center/static/10180.php
http://www.securityfocus.com/archive/1/292842
http://www.securityfocus.com/bid/5778
http://www.iss.net/security_center/static/10180.php
http://www.securityfocus.com/archive/1/292842
http://www.securityfocus.com/bid/5778

Products affected by CVE-2002-2125

Microsoft » Ie » Version: 6.0

cpe:2.3:a:microsoft:ie:6.0
Microsoft » Internet Explorer » Version: 6.0.2600

cpe:2.3:a:microsoft:internet_explorer:6.0.2600
Microsoft » Internet Explorer » Version: 6.0.2800.1106

cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2125

Products

Pricing

Contact Us