CyberSecurityBoard
Sponsor Register Login

CVE-2002-1407

TinySSL 1.02 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.

Publication date: Fri, 11 Apr 2003 09:00:00 +0000


Cyber News related to CVE-2002-1407

CVE-2015-1408 -
medium
CVE-2015-1407 ...
54 years ago Tenable.com
CVE-2002-1407 - TinySSL 1.02 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. ...
7 years ago
CVE-2002-0192 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0193, CVE-2002-1564. Reason: This candidate was published with a description that identified a different vulnerability than what was identified in the original authoritative ...
54 years ago Tenable.com
CVE-2019-1438 - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, ...
4 years ago
CVE-2019-1435 - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, ...
4 years ago
CVE-2019-1437 - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, ...
4 years ago
CVE-2019-1433 - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, ...
4 years ago
CVE-2019-1407 - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1433, ...
4 years ago
CVE-2020-1407 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1401. ...
3 years ago
CVE-2020-1401 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1407. ...
3 years ago
CVE-2020-1400 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407. ...
2 years ago
CVE-2006-5984 - Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) txtCompanyName, (2) txtEmail, or (3) txtUserAccNum parameter to (a) ...
6 years ago
CVE-2005-1407 - Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. ...
16 years ago
CVE-2007-1407 - Unspecified vulnerability in OpenSolution Quick.Cart before 2.1 has unknown impact and attack vectors, related to a "low critical exploit." This vulnerability has been addressed through an updated version of the product: ...
16 years ago
CVE-2011-1407 - The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity. ...
13 years ago
CVE-2012-1407 - Unspecified vulnerability in the GO Message Widget (com.gau.go.launcherex.gowidget.smswidget) application 1.9, 2.1, and 2.3 for Android has unknown impact and attack vectors. ...
12 years ago
CVE-2013-1407 - Multiple cross-site scripting (XSS) vulnerabilities in the Events Manager plugin before 5.3.5 and Events Manager Pro plugin before 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) scope parameter to ...
10 years ago
CVE-2014-1407 - Multiple cross-site scripting (XSS) vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to inject arbitrary web script or HTML via (1) the submit-url parameter in a Refresh action to ...
9 years ago
CVE-1999-1407 - ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. ...
8 years ago
CVE-2001-1407 - Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug. ...
8 years ago
CVE-2016-1407 - Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576. ...
8 years ago
CVE-2004-1407 - Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php. ...
7 years ago
CVE-2006-1407 - Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) txtDomainName parameter to domains.asp or (2) SearchText or (3) ...
7 years ago
CVE-2003-1407 - Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. ...
7 years ago
CVE-2008-1407 - SQL injection vulnerability in index.php in the WebChat 1.60 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)