Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2003-0594

Опубликовано: 15 апр. 2004
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:*

EPSS

Процентиль: 66%
0.00522
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

redhat логотип

CVE-2003-0594

redhat
больше 21 года назад

Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

debian логотип

CVE-2003-0594

debian
больше 21 года назад

Mozilla allows remote attackers to bypass intended cookie access restr ...

github логотип

GHSA-394j-f4pf-g9c3

github
больше 3 лет назад

Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

EPSS

Процентиль: 66%
0.00522
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other