CVE-2002-0346

Currently unrated

Key Information:

Vendor
Oracle
Status
Cobalt Raq 3i
Cobalt Raq 2
Cobalt Raq 4
Vendor
CVE Published:
25 June 2002

Badges

👾 Exploit Exists🟡 Public PoC

Summary

Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2002-0346
Created by alt3kx

References

http://www.iss.net/security_center/static/8321.php
vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=101495944202452&w=2
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/4211
vdb-entryx_refsource_BID

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.