CVE-2002-1442
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check.
La barra de herramientas de Google 1.1.58 y versiones anteriores, permite a sitios web remotos realizar operaciones no autorizadas de la barra de herramientas, incluidas la ejecución de rutinas y la lectura de ficheros en otras zonas como 'My Computer' abriendo una ventana a tools.google.com o el protocolo res:, y a continuación utilizando rutinas para modificar la ubicación de la ventana a la de la URL de configuración de la barra de herramientas, con lo que se elude la verificación original.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2003-02-05 CVE Reserved
- 2003-03-18 CVE Published
- 2024-07-26 EPSS Updated
- 2024-08-08 CVE Updated
- 2024-08-08 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0066.html | Mailing List | |
| http://sec.greymagic.com/adv/gm001-mc | X_refsource_misc |
| URL | Date | SRC |
|---|---|---|
| http://online.securityfocus.com/archive/1/286527 | 2024-08-08 | |
| http://www.securityfocus.com/bid/5424 | 2024-08-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.41 Search vendor "Google" for product "Toolbar" and version "1.1.41" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.42 Search vendor "Google" for product "Toolbar" and version "1.1.42" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.43 Search vendor "Google" for product "Toolbar" and version "1.1.43" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.44 Search vendor "Google" for product "Toolbar" and version "1.1.44" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.45 Search vendor "Google" for product "Toolbar" and version "1.1.45" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.47 Search vendor "Google" for product "Toolbar" and version "1.1.47" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.48 Search vendor "Google" for product "Toolbar" and version "1.1.48" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.49 Search vendor "Google" for product "Toolbar" and version "1.1.49" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.53 Search vendor "Google" for product "Toolbar" and version "1.1.53" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.54 Search vendor "Google" for product "Toolbar" and version "1.1.54" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.55 Search vendor "Google" for product "Toolbar" and version "1.1.55" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.56 Search vendor "Google" for product "Toolbar" and version "1.1.56" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.57 Search vendor "Google" for product "Toolbar" and version "1.1.57" | - |
Affected
| ||||||
| Google Search vendor "Google" | Toolbar Search vendor "Google" for product "Toolbar" | 1.1.58 Search vendor "Google" for product "Toolbar" and version "1.1.58" | - |
Affected
| ||||||