Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2125


Vulnerability Score 6.4 6.4
CVE Id CVE-2002-2125
Last Modified 05 Sep 2008 04:32:23
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack.

Vulnerable Systems


  • Microsoft Ie 6.0

  • Microsoft Ie 6.0.2600

  • Microsoft Ie 6.0.2800.1106


BID - 5778

BUGTRAQ - 20020923 IE6 SSL Certificate Chain Verification

XF - ie-ssl-certificate-expired(10180)

Last Updated: 27 May 2016 10:37:37