VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Oct 4, 2002· Updated Apr 16, 2026

CVE-2002-1042

CVE-2002-1042

Description

Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.

Affected products

26
  • Netscape/Enterprise Server
    cpe:2.3:a:netscape:enterprise_server:3.6:*:*:*:*:*:*:*
  • Sun Corporation/Iplanet Web Server21 versions
    cpe:2.3:a:sun:iplanet_web_server:4.1:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:sun:iplanet_web_server:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:enterprise:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:*:*:*:*:*:*
    • cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:enterprise:*:*:*:*:*
  • Sun Corporation/One Application Server3 versions
    cpe:2.3:a:sun:one_application_server:6.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:sun:one_application_server:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_application_server:6.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_application_server:6.0:sp2:*:*:*:*:*:*
  • Sun Corporation/One Web Server
    cpe:2.3:a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.