Lucene search

[email protected]CVE-2002-1601

HistoryMar 20, 2005 - 5:00 a.m.

CVE-2002-1601

2005-03-2005:00:00

[email protected]

web.nvd.nist.gov

adobe

photodeluxe

cve-2002-1601

vulnerability

security

connectables

html

applets

privileges

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.

Affected configurations

NVD

Node

adobephotodeluxeMatch3.0

adobephotodeluxeMatch3.1

adobephotodeluxeMatch4.0

CPENameOperatorVersion
adobe:photodeluxeadobe photodeluxeeq3.0
adobe:photodeluxeadobe photodeluxeeq3.1
adobe:photodeluxeadobe photodeluxeeq4.0

CPE	Name	Operator	Version
adobe:photodeluxe	adobe photodeluxe	eq	3.0
adobe:photodeluxe	adobe photodeluxe	eq	3.1
adobe:photodeluxe	adobe photodeluxe	eq	4.0

References

www.kb.cert.org/vuls/id/116875

www.kb.cert.org/vuls/id/AAMN-56LQ2J

www.securityfocus.com/bid/4106

exchange.xforce.ibmcloud.com/vulnerabilities/8210

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

Related for CVE-2002-1601

nvd1 cvelist1