Lucene search

[email protected]CVE-2002-1626

HistoryMar 26, 2005 - 5:00 a.m.

CVE-2002-1626

2005-03-2605:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1626

directory traversal

remote attackers

arbitrary files

url security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

Directory traversal vulnerability in Mike Spice My Calendar before 1.5 allows remote attackers to write arbitrary files via … (dot dot) sequences in a URL.

Affected configurations

NVD

Node

mike_spicemy_calendarMatch1.0

mike_spicemy_calendarMatch1.1

mike_spicemy_calendarMatch1.2

mike_spicemy_calendarMatch1.3

mike_spicemy_calendarMatch1.4

CPENameOperatorVersion
mike_spice:my_calendarmike spice my calendareq1.0
mike_spice:my_calendarmike spice my calendareq1.1
mike_spice:my_calendarmike spice my calendareq1.2
mike_spice:my_calendarmike spice my calendareq1.3
mike_spice:my_calendarmike spice my calendareq1.4

CPE	Name	Operator	Version
mike_spice:my_calendar	mike spice my calendar	eq	1.0
mike_spice:my_calendar	mike spice my calendar	eq	1.1
mike_spice:my_calendar	mike spice my calendar	eq	1.2
mike_spice:my_calendar	mike spice my calendar	eq	1.3
mike_spice:my_calendar	mike spice my calendar	eq	1.4

References

securitytracker.com/id?1003256

www.kb.cert.org/vuls/id/806091

www.securityfocus.com/bid/3856

exchange.xforce.ibmcloud.com/vulnerabilities/7966

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

Related for CVE-2002-1626

nvd1 cvelist1