CVE-2002-2413

Published Dec 31, 2002

Last updated 16 years ago

Overview

Description: WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_9x:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5C0F36C8-7505-4767-9652-F0E48CB3E8CA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:deerfield:website_pro:3.1.11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72D98A9C-C57C-49DE-9F3D-819E02CAE079"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References