VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Apr 16, 2026

CVE-2002-2013

CVE-2002-2013

Description

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

Affected products

30
  • Mozilla Corporation/Mozilla7 versions
    cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*
  • Netscape/Communicator18 versions
    cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*
  • Netscape/Navigator5 versions
    cpe:2.3:a:netscape:navigator:4.77:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:netscape:navigator:4.77:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.