CVE-2002-0131
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script.
El control ActivePython (un ActiveX para Python), cuando es usado en el Internet Explorer, no impide la lectura de archivos del sistema de ficheros del cliente, lo cual permite a atacantes remotos la lectura arbitraria de dichos ficheros mediante una página web que contenga el script Python.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2002-03-15 CVE Reserved
- 2002-03-15 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?t=101113015900001&r=1&w=2 | Mailing List | |
| http://www.securityfocus.com/archive/1/250814 | Mailing List | |
| http://www.securityfocus.com/bid/3893 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.iss.net/security_center/static/7910.php | 2016-10-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Activestate Search vendor "Activestate" | Activepython Search vendor "Activestate" for product "Activepython" | * | - |
Affected
| ||||||
| Activestate Search vendor "Activestate" | Activepython Search vendor "Activestate" for product "Activepython" | 2.1 Search vendor "Activestate" for product "Activepython" and version "2.1" | - |
Affected
| ||||||