CVE-2002-2013
published 2002-12-31CVE-2002-2013: Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null…
PriorityP417medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.63%
73.2th percentile
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | mozilla | — | — |
| mozilla | mozilla | — | — |
| mozilla | mozilla | — | — |
| mozilla | mozilla | — | — |
| mozilla | mozilla | — | — |
| mozilla | mozilla | — | — |
| mozilla | mozilla | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gf6p-gjjg-j6pg: Mozilla 0
ghsa_unreviewed·2022-04-30
CVE-2002-2013 [MEDIUM] GHSA-gf6p-gjjg-j6pg: Mozilla 0
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Red Hat
libXt: Array Index error leading to heap-based OOB write
vendor_redhat·2013-05-23·CVSS 6.8
CVE-2013-2002 [MEDIUM] CWE-129 libXt: Array Index error leading to heap-based OOB write
libXt: Array Index error leading to heap-based OOB write
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
Statement: This issue affects the libXt package in Red Hat Enterprise Linux 5. Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not planned to be fixed in Red Hat Enterprise Linux 5 as it is now in Production 3 Phase of the support and maintenance life cycle: https://access.redhat.com/support/policy/updates/errata/
Package: libXt (Red Hat Enterprise Linux 5) - Will not fix
Red Hat
CVE-2002-2013: Mozilla 0
vendor_redhat·CVSS 5.0
CVE-2002-2013 [MEDIUM] CVE-2002-2013: Mozilla 0
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Statement: Not vulnerable. This issue did not affect the versions of Mozilla as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.
No detection rules found.
Exploit-DB
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
exploitdb·2018-11-14·CVSS 7.5
CVE-2018-7182 [HIGH] ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
---
# Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
# Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam
# Exploit Author: Magnus Klaaborg Stubman (@magnusstubman)
# Website: https://dumpco.re/blog/cve-2018-7182
# Vendor Homepage: http://www.ntp.org/
# Software Link: https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p10.tar.gz
# Version: ntp 4.2.8p6 - 4.2.8p10
# CVE: CVE-2018-7182
# Note: this PoC exploit only crashes the target when target is ran under a memory sanitiser such as ASan / Valgrind
#$ sudo valgrind ./ntpd/ntpd -n -c ~/resources/ntp.conf
#==50079== Memcheck, a memory error detector
#==50079== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
#==50079== Using Valgrind-3.10.0 an
Exploit-DB
Webuzo 2.1.3 - Multiple Vulnerabilities
exploitdb·2014-02-28·CVSS 7.5
CVE-2013-6043 [HIGH] Webuzo 2.1.3 - Multiple Vulnerabilities
Webuzo 2.1.3 - Multiple Vulnerabilities
---
# Exploit Title: Webuzo Multiple Vulnerabilities
# Date: 7 October 2013
# Exploit Author: Mahendra
# Vendor Homepage: www.webuzo.com
# Software Link: http://downloads.webuzo.com/va.php
# Version: 2.1.3, other version might be vulnerable.
# Tested on: CentOS release 6.2 (FINAL)
# CVE : CVE-2013-6041, CVE-2013-6042, CVE-2013-6043
*Advisory details*
Webuzo 2.1.3 has been identified with multiple security vulnerabilities, which can be exploited to perform remote OS command injection, execute malicious script and enumerate users.
Authentication is not required to exploit these issues.
*Proof of Concept (PoC)*
Remote OS Command Injection (Webuzo) - CVE-2013-6041
GET /index.php?act=login HTTP/1.1
Host: xx.xx.xx.xx:2002
User-Agent: Mozilla/5
Exploit-DB
Winamp 5.63 - 'winamp.ini' Local Overflow
exploitdb·2013-08-26
CVE-2013-4694 Winamp 5.63 - 'winamp.ini' Local Overflow
Winamp 5.63 - 'winamp.ini' Local Overflow
---
# Exploit Title: winampevilskin.py
# Date: 25 August 2013
# Exploit Author: Ayman Sagy
# Vendor Homepage: http://www.winamp.com/
# Version: 5.63
# Tested on: Windows XP Professional SP3 Version 2002
# CVE : 2013-4694
#
# Ayman Sagy August 2013
#
# This is an exploit for Bug #1 described in http://www.exploit-db.com/exploits/26558/
# Credit for discovering the vulnerability goes to Julien Ahrens from Inshell Security
#
# The exploit will generate a winamp.ini file that will cause winamp to run the payload upon startup
#
#
# I tried an alpha3 encoded egghunter but could not fit it in a single buffer and unfortunately it did not work, it wrote an invalid address on the stack then tried to access it
# If you can make it work or find a solution fo
Exploit-DB
Light HTTPd 0.1 (Windows) - Remote Buffer Overflow
exploitdb·2013-04-25
CVE-2002-1549 Light HTTPd 0.1 (Windows) - Remote Buffer Overflow
Light HTTPd 0.1 (Windows) - Remote Buffer Overflow
---
import urllib2
from time import sleep
#########################################################################################################################################
# Title************************Windows Light HTTPD v0.1 HTTP GET Buffer Overflow
# Discovered and Reported******24th of April, 2013
# Discovered/Exploited By******Jacob Holcomb/Gimppy042
# Software Vendor**************http://sourceforge.net/projects/lhttpd/?source=navbar
# Exploit/Advisory*************http://infosec42.blogspot.com/
# Software*********************Light HTTPD v0.1
# Tested Platform**************Windows XP Professional SP2
# Date*************************24/04/2013
#
#PS - This is a good piece of software to practice Stack Based Buffer Overflows i
http://alive.znep.com/~marcs/security/mozillacookie/demo.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-01/0270.htmlhttp://www.iss.net/security_center/static/7973.phphttp://www.securityfocus.com/bid/3925http://alive.znep.com/~marcs/security/mozillacookie/demo.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-01/0270.htmlhttp://www.iss.net/security_center/static/7973.phphttp://www.securityfocus.com/bid/3925
2002-12-31
Published