Vulnerability Details CVE-2002-1601
The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.0%
CVSS Severity
CVSS v2 Score 5.1
References
- http://www.kb.cert.org/vuls/id/116875
- http://www.kb.cert.org/vuls/id/AAMN-56LQ2J
- http://www.securityfocus.com/bid/4106
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8210
- http://www.kb.cert.org/vuls/id/116875
- http://www.kb.cert.org/vuls/id/AAMN-56LQ2J
- http://www.securityfocus.com/bid/4106
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8210
Products affected by CVE-2002-1601
-
cpe:2.3:a:adobe:photodeluxe:3.0
-
cpe:2.3:a:adobe:photodeluxe:3.1
-
cpe:2.3:a:adobe:photodeluxe:4.0