CVE DATABASE / CVE-2002-0934
CVE-2002-0934
CVSS 6.4 · MEDIUM
Summary
Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the middle of a .. (dot dot) sequence in the parameters (1) _browser_out or (2) _out_file.
CVSS 2.0 breakdown
| Base score | 6.4 (MEDIUM) |
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | PARTIAL |
| Integrity | PARTIAL |
| Availability | NONE |
Affected products
Jon_hedley alienform2
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0068.html
- http://www.iss.net/security_center/static/9325.php
- http://www.securityfocus.com/bid/4983
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.