CVE-2002-2292

Halycon Software iASP 1.0.9 - Path Traversal via HTTP Request to Port 9095

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10860
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-12/0126.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6394

Scores

EPSS 0.0154
EPSS Percentile 72.0%

Details

CWE
CWE-22
Status published
Products (1)
halycon_software/iasp 1.0.9
Published Dec 31, 2002
Tracked Since Feb 18, 2026