CVE-2002-1442

3 documents3 sources

Severity

7.5HIGH

EPSS

0.7%

top 28.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Toolbar

Timeline

PublishedApr 11

Latest updateApr 30

Description

The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDgoogle/toolbar14 versions+13

Patches

Patch: online.securityfocus.com ↗Patch: www.securityfocus.com ↗Patch: online.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-hmfp-vr8f-x8xc: The Google toolbar 1↗2022-04-30

▶

CVEList

CVE-2002-1442: The Google toolbar 1↗2003-03-18

▶