CVE-2002-0594

Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.

Published: Jun 18, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0594
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
netscape / navigator	6.2	6.2.x
netscape / navigator	6.0	6.0.x
mozilla / mozilla	1.0-rc1	1.0-rc1.x
netscape / navigator	6.2.1	6.2.1.x
netscape / navigator	6.01	6.01.x
netscape / navigator	6.2.2	6.2.2.x
galeon / galeon_browser	1.2	1.2.x
galeon / galeon_browser	1.2.1	1.2.1.x
netscape / navigator	6.1	6.1.x
mozilla / mozilla	0.9.9	0.9.9.x

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490
http://online.securityfocus.com/archive/1/270249
http://www.iss.net/security_center/static/8977.php
http://www.redhat.com/support/errata/RHSA-2002-192.html
http://www.redhat.com/support/errata/RHSA-2003-046.html
http://www.securityfocus.com/bid/4640

Vulnerability Database

289,599

CVE-2002-0594