CVE-2002-0862 vulnerability in Kde and Other Products
Published on October 4, 2002

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.

Vendor Advisory NVD

Products Associated with CVE-2002-0862

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2002-0862 are published in these products:

Kde Konqueror

Microsoft Internet Explorer (IE)

Microsoft Ie For Macintosh

Microsoft Outlook Express

Microsoft Office

Microsoft Internet Information Services

Adammegacz Tinyssl

Kde

Microsoft Windows 2000

Microsoft Windows 98se

Microsoft Windows Me

Microsoft Windows Nt

Microsoft Windows XP

Microsoft Windows 2000 Terminal Services

Baltimoretechnologies Mailsecure

Microsoft Windows 98

Exploit Probability

EPSS

15.13%

Percentile

94.45%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2002-0862 vulnerability in Kde and Other ProductsPublished on October 4, 2002

Products Associated with CVE-2002-0862

Exploit Probability

CVE-2002-0862 vulnerability in Kde and Other Products
Published on October 4, 2002