5
CVE-2002-1252
- EPSS 1.37%
- Veröffentlicht 07.02.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request that is processed by the SimpleFileHandler handler.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Peoplesoft ≫ Peopletools Version8.14
Peoplesoft ≫ Peopletools Version8.15
Peoplesoft ≫ Peopletools Version8.16
Peoplesoft ≫ Peopletools Version8.17
Peoplesoft ≫ Peopletools Version8.18
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.37% | 0.684 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21811
http://www.iss.net/security_center/static/10520.php
http://www.securityfocus.com/bid/6647