PT-2002-1386 · Gator · Gator Activex

Published

2002-05-03

Updated

2016-10-18

CVE-2002-0317

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Gator ActiveX component (IEGator.dll) version 3.0.6.1

Description The issue allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file in the src parameter. This could potentially lead to unauthorized software installations.

Recommendations For Gator ActiveX component (IEGator.dll) version 3.0.6.1, consider disabling the ActiveX component until a patch is available to prevent exploitation. Avoid using the src parameter in affected API endpoints or web pages to minimize the risk of arbitrary software installations.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0317

Affected Products

Gator Activex

PT-2002-1386 · Gator · Gator Activex

CVE-2002-0317

Related Identifiers

Affected Products

References · 5