VYPR
Unrated severityNVD Advisory· Published Jun 1, 2004· Updated Jun 16, 2026

CVE-2002-0385

CVE-2002-0385

Description

Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output.

Affected products

4
  • cpe:2.3:a:vignette:storyserver:4.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:vignette:storyserver:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vignette:storyserver:6.0:*:*:*:*:*:*:*
    • (no CPE)range: = 4.1, 6.0
  • cpe:2.3:a:vignette:vignette:5.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.