1. Home
  2. CVE Database
  3. CVE-2002-0409
MEDIUM · 5.0

CVE-2002-0409

orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the O...

Vulnerability Description

orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Microsoft.Net Framework1.0

References

FAQ

What is CVE-2002-0409?

CVE-2002-0409 is a vulnerability with a CVSS score of 5.0 (MEDIUM). orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the O...

How severe is CVE-2002-0409?

CVE-2002-0409 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-0409?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft .Net Framework.