CVE-2002-0934

Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the middle of a .. (dot dot) sequence in the parameters (1) _browser_out or (2) _out_file.

Published: Oct 4, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0934
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
jon_hedley / alienform2	1.5	1.5.x

http://archives.neohapsis.com/archives/bugtraq/2002-06/0068.html
http://www.iss.net/security_center/static/9325.php
http://www.securityfocus.com/bid/4983

Vulnerability Database

CVE-2002-0934