cbcvebase.
CVE-2002-2013
published 2002-12-31

CVE-2002-2013: Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null…

PriorityP417medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.63%
73.2th percentile
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

Affected

30 ranges· showing 25
VendorProductVersion rangeFixed in
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator
netscapecommunicator

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.