Vulnerability Description
Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the middle of a .. (dot dot) sequence in the parameters (1) _browser_out or (2) _out_file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jon Hedley | Alienform2 | 1.5 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0068.html
- http://www.iss.net/security_center/static/9325.phpVendor Advisory
- http://www.securityfocus.com/bid/4983Vendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0068.html
- http://www.iss.net/security_center/static/9325.phpVendor Advisory
- http://www.securityfocus.com/bid/4983Vendor Advisory
FAQ
What is CVE-2002-0934?
CVE-2002-0934 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the mi...
How severe is CVE-2002-0934?
CVE-2002-0934 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0934?
Check the references section above for vendor advisories and patch information. Affected products include: Jon Hedley Alienform2.