Vulnerability Details CVE-2002-2413
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0178.html
- http://www.iss.net/security_center/static/9147.php
- http://www.securityfocus.com/bid/4783
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0178.html
- http://www.iss.net/security_center/static/9147.php
- http://www.securityfocus.com/bid/4783
Products affected by CVE-2002-2413
-
cpe:2.3:a:deerfield:website_pro:3.1.11.0
-
cpe:2.3:o:microsoft:windows_9x:*
-
cpe:2.3:o:microsoft:windows_nt:-
-
cpe:2.3:o:microsoft:windows_nt:3.0.1
-
cpe:2.3:o:microsoft:windows_nt:3.1
-
cpe:2.3:o:microsoft:windows_nt:3.5
-
cpe:2.3:o:microsoft:windows_nt:3.5.1
-
cpe:2.3:o:microsoft:windows_nt:3.51
-
cpe:2.3:o:microsoft:windows_nt:4.0