LiveActive security incident?Get immediate response
CVE archive

June 2002

Browse CVE records published in June 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 548 matching CVEs · Page 2 of 11.

Unknown · CVSS Not scored

CVE-2002-1824: Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during...

Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability.

Published Jun 28, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-1846: Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password befo...

Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a profile2 action to index.php.

Published Jun 28, 2005 · Updated Sep 16, 2024