CVE-2002-0736

CVE Database · CVE-2002-0736

CVE-2002-0736

· N/AModified

CVSS v3.1

N/A

EPSS

31.57%

Published

Aug 12, 2002

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.

Affected Products (2)

microsoft · backofficevulnerable

References (8)

http://archives.neohapsis.com/archives/bugtraq/2002-04/0208.html

http://support.microsoft.com/support/kb/articles/q316/8/38.asp

PatchVendor Advisory

http://www.iss.net/security_center/static/8862.php

PatchVendor Advisory

http://www.securityfocus.com/bid/4528

PatchVendor Advisory

http://archives.neohapsis.com/archives/bugtraq/2002-04/0208.html

http://support.microsoft.com/support/kb/articles/q316/8/38.asp

PatchVendor Advisory

http://www.iss.net/security_center/static/8862.php

KEV Catalog EPSS Scores Vendors All CVEs