PT-2002-1217 · Activestate · Activepython

Published

2002-03-15

Updated

2016-10-18

CVE-2002-0131

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions ActivePython (affected versions not specified)

Description The issue concerns the ActivePython ActiveX control for Python in the AXScript package. When used in Internet Explorer, it does not prevent a script from reading files from the client's filesystem. This allows remote attackers to read arbitrary files via a malicious web page containing Python script.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0131

Affected Products

Activepython

PT-2002-1217 · Activestate · Activepython

CVE-2002-0131

Related Identifiers

Affected Products

References · 5