Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1443

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1443
Last Modified 05 Sep 2008 04:30:36
Published 11 Apr 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1443

Summary

The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.

Vulnerable Systems

Application

  • Google Toolbar 1.1.41

  • Google Toolbar 1.1.42

  • Google Toolbar 1.1.43

  • Google Toolbar 1.1.44

  • Google Toolbar 1.1.45

  • Google Toolbar 1.1.47

  • Google Toolbar 1.1.48

  • Google Toolbar 1.1.49

  • Google Toolbar 1.1.53

  • Google Toolbar 1.1.54

  • Google Toolbar 1.1.55

  • Google Toolbar 1.1.56

  • Google Toolbar 1.1.57

  • Google Toolbar 1.1.58


References

BID - 5426

BUGTRAQ - 20020808 Exploiting the Google toolbar (GM#001-MC)

CONFIRM - http://toolbar.google.com/whatsnew.php3

MISC - http://sec.greymagic.com/adv/gm001-mc/

XF - google-toolbar-keypress-monitoring(10054)


Last Updated: 27 May 2016 10:37:20