CVE-2002-1042
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD
Description
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
Affected (26)
Products: Netscape: Enterprise Server · Sun: Iplanet Web Server, One Application Server, One Web Server
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.6 | |
| Version 4.1 | |
| Version 6.0 | |
| Version 6.0 sp3 |
References (6)
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Timeline
No history available yet.