Vulnerability Description
The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Photodeluxe | 3.0 |
References
- http://www.kb.cert.org/vuls/id/116875US Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-56LQ2JUS Government Resource
- http://www.securityfocus.com/bid/4106Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8210
- http://www.kb.cert.org/vuls/id/116875US Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-56LQ2JUS Government Resource
- http://www.securityfocus.com/bid/4106Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8210
FAQ
What is CVE-2002-1601?
CVE-2002-1601 is a vulnerability with a CVSS score of 5.1 (MEDIUM). The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain pr...
How severe is CVE-2002-1601?
CVE-2002-1601 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1601?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Photodeluxe.