Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:47
Updated: 2022-10-03T16:23:47
Reserved: 2022-10-03T00:00:00
Link: CVE-2002-1824
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-12-31T05:00:00.000
Modified: 2021-07-23T12:55:03.667
Link: CVE-2002-1824
JSON object: View
Redhat Information
No data.
CWE