Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1601

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2002-1601
Last Modified 05 Sep 2008 04:31:02
Published 09 Feb 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2002-1601

Summary

The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.

Vulnerable Systems

Application

  • Adobe Photodeluxe 3.0

  • Adobe Photodeluxe 3.1

  • Adobe Photodeluxe 4.0


References

CONFIRM - http://www.kb.cert.org/vuls/id/AAMN-56LQ2J

CERT-VN - VU#116875

XF - adobe-photodeluxe-execute-java(8210)

BID - 4106


Last Updated: 27 May 2016 10:37:24