Certificate Spoofing Vulnerability in Microsoft CryptoAPI and Related Products
CVE-2002-0862

Currently unrated

Key Information:

Vendor

Microsoft
Status
Outlook Express
Konqueror
Ie For Macintosh
Office
Vendor
CVE Published:
4 October 2002

What is CVE-2002-0862?

The vulnerability in Microsoft's CryptoAPI arises from the improper verification of the Basic Constraints of intermediate CA-signed X.509 certificates. This flaw affects various Microsoft products, including Windows 98, Windows XP, Office for Mac, and Internet Explorer and Outlook Express for Mac. Attackers could exploit this weakness to perform man-in-the-middle attacks, allowing them to spoof certificates for trusted sites during SSL sessions, which can compromise sensitive data and user privacy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://marc.info/?l=bugtraq&m=102918200405308&w=2
mailing-listx_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.