Vulnerability Details : CVE-2002-1601
The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.
Exploit prediction scoring system (EPSS) score for CVE-2002-1601
Probability of exploitation activity in the next 30 days: 0.54%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 77 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-1601
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
References for CVE-2002-1601
-
http://www.kb.cert.org/vuls/id/AAMN-56LQ2J
US Government Resource
-
http://www.kb.cert.org/vuls/id/116875
US Government Resource
-
http://www.securityfocus.com/bid/4106
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/8210
Products affected by CVE-2002-1601
- cpe:2.3:a:adobe:photodeluxe:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photodeluxe:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photodeluxe:3.0:*:*:*:*:*:*:*