CVE: CVE-2002-1601 - CVE-Search

CVE Details for CVE: CVE-2002-1601

Summary

The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.

Timestamps
Last major update	11-07-2017 - 01:29
Published	09-02-2002 - 05:00
Last modified	11-07-2017 - 01:29

References

Vulnerable Configurations

cpe:2.3:a:adobe:photodeluxe:3.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:photodeluxe:3.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:photodeluxe:4.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:photodeluxe:4.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:photodeluxe:3.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:photodeluxe:3.0:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

NVD-CWE-Other

CVSS

Base

5.1

Impact

6.4

Exploitability

4.9

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

CVSS3

None

VIA4 references

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:P

refmap via4

bid	4106
cert-vn	VU#116875
confirm	http://www.kb.cert.org/vuls/id/AAMN-56LQ2J
xf	adobe-photodeluxe-execute-java(8210)