CVE-2002-0593 - OpenCVE

Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Netscape	Navigator Communicator
Mozilla	Mozilla

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:mozilla:0.9.9:::::::*
	cpe:2.3:a:mozilla:mozilla:1.0:rc1::::::
	cpe:2.3:a:netscape:communicator:6.1:::::::*
	cpe:2.3:a:netscape:navigator:6.0:::::::*
	cpe:2.3:a:netscape:navigator:6.01:::::::*

References

Link	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490
http://online.securityfocus.com/archive/1/270249	Vendor Advisory
http://secunia.com/advisories/8039
http://www.iss.net/security_center/static/8976.php
http://www.securityfocus.com/bid/4637	Exploit Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-06-11T04:00:00

Updated: 2007-11-13T00:00:00

Reserved: 2002-06-11T00:00:00

Link: CVE-2002-0593

JSON object: View

NVD Information

Status : Analyzed

Published: 2002-06-18T04:00:00.000

Modified: 2008-09-05T20:28:26.180

Link: CVE-2002-0593

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-04-30T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "8039", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/8039"}, {"name": "mozilla-netscape-irc-bo(8976)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/8976.php"}, {"name": "CLA-2002:490", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490"}, {"name": "4637", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/4637"}, {"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://online.securityfocus.com/archive/1/270249"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0593", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "8039", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/8039"}, {"name": "mozilla-netscape-irc-bo(8976)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8976.php"}, {"name": "CLA-2002:490", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490"}, {"name": "4637", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4637"}, {"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/270249"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0593", "datePublished": "2002-06-11T04:00:00", "dateReserved": "2002-06-11T00:00:00", "dateUpdated": "2007-11-13T00:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "9F1EB38F-CEB2-40BC-AA5D-CC539F597137", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990", "vulnerable": true}, {"criteria": "cpe:2.3:a:netscape:communicator:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0F009302-6798-4189-BE56-FB8E67C64592", "vulnerable": true}, {"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51", "vulnerable": true}, {"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*", "matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."}], "id": "CVE-2002-0593", "lastModified": "2008-09-05T20:28:26.180", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-06-18T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://online.securityfocus.com/archive/1/270249"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/8039"}, {"source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/8976.php"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/4637"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}