Vulnerability Description
The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Swatch | Swatch | 3.0.3 |
References
- http://online.securityfocus.com/archive/1/272582
- http://www.iss.net/security_center/static/9100.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4746PatchVendor Advisory
- http://online.securityfocus.com/archive/1/272582
- http://www.iss.net/security_center/static/9100.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4746PatchVendor Advisory
FAQ
What is CVE-2002-0896?
CVE-2002-0896 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression ...
How severe is CVE-2002-0896?
CVE-2002-0896 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0896?
Check the references section above for vendor advisories and patch information. Affected products include: Swatch Swatch.