Lucene search

[email protected]CVE-2002-1038

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1038

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1038

double choco latte

file upload

remote attack

arbitrary files

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.3%

JSON

Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features.

Affected configurations

NVD

Node

michael_deandouble_choco_latteMatch2002-01-20

michael_deandouble_choco_latteMatch2002-02-15

CPENameOperatorVersion
michael_dean:double_choco_lattemichael dean double choco latteeq2002-01-20
michael_dean:double_choco_lattemichael dean double choco latteeq2002-02-15

CPE	Name	Operator	Version
michael_dean:double_choco_latte	michael dean double choco latte	eq	2002-01-20
michael_dean:double_choco_latte	michael dean double choco latte	eq	2002-02-15

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html

dcl.sourceforge.net/index.php

marc.info/?l=bugtraq&m=102668783632589&w=2

www.iss.net/security_center/static/9742.php

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for CVE-2002-1038

debiancve1 cvelist1 nvd1