Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2002-1745 | First vendor Publication | 2002-12-31 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | |||
|---|---|---|---|
| Overall CVSS Score | 7.5 | ||
| Base Score | 7.5 | Environmental Score | 7.5 |
| impact SubScore | 3.6 | Temporal Score | 7.5 |
| Exploitabality Sub Score | 3.9 | ||
| Attack Vector | Network | Attack Complexity | Low |
| Privileges Required | None | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | None | Availability Impact | None |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1745 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-193 | Off-by-one Error |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 59621 | Microsoft IIS CodeBrws.asp Off-By-One File Check Bypass Source Disclosure |
Sources (Detail)
| Source | Url |
|---|
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:23:37 |
|
| 2024-11-28 12:05:20 |
|
| 2024-02-16 05:28:29 |
|
| 2021-05-04 12:01:51 |
|
| 2021-04-22 01:01:59 |
|
| 2020-05-23 00:15:12 |
|
| 2018-10-31 00:19:42 |
|
| 2017-07-11 12:01:13 |
|
| 2016-06-28 15:01:04 |
|
| 2013-05-11 12:14:16 |
|
