Vulnerability Details CVE-2002-0131
ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?t=101113015900001&r=1&w=2
- http://www.iss.net/security_center/static/7910.php
- http://www.securityfocus.com/archive/1/250814
- http://www.securityfocus.com/bid/3893
- http://marc.info/?t=101113015900001&r=1&w=2
- http://www.iss.net/security_center/static/7910.php
- http://www.securityfocus.com/archive/1/250814
- http://www.securityfocus.com/bid/3893
Products affected by CVE-2002-0131
-
cpe:2.3:a:activestate:activepython:-
-
cpe:2.3:a:activestate:activepython:2.1
-
cpe:2.3:a:activestate:activepython:2.5.2.2
-
cpe:2.3:a:activestate:activepython:2.5.4.4
-
cpe:2.3:a:activestate:activepython:2.6.5.12