CVE-2002-1039
published 2002-10-04CVE-2002-1039: Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when…
PriorityP422medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.87%
76.7th percentile
Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dcl | — | — |
| michael_dean | double_choco_latte | — | — |
| michael_dean | double_choco_latte | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_debian5.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2002-1039: dcl - Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 al...
vendor_debian·2002·CVSS 5.0
CVE-2002-1039 [MEDIUM] CVE-2002-1039: dcl - Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 al...
Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-8x7p-gq52-x9jp: Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via
ghsa_unreviewed·2022-04-30
CVE-2002-1039 [MEDIUM] GHSA-8x7p-gq52-x9jp: Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via
Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.htmlhttp://dcl.sourceforge.net/index.phphttp://marc.info/?l=bugtraq&m=102668783632589&w=2http://www.iss.net/security_center/static/9743.phphttp://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.htmlhttp://dcl.sourceforge.net/index.phphttp://marc.info/?l=bugtraq&m=102668783632589&w=2http://www.iss.net/security_center/static/9743.php
2002-10-04
Published