Unrated severityNVD Advisory· Published Feb 7, 2003· Updated Jun 16, 2026
CVE-2002-1252
CVE-2002-1252
Description
The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request that is processed by the SimpleFileHandler handler.
Affected products
7cpe:2.3:a:peoplesoft:peopletools:8.14:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:peoplesoft:peopletools:8.14:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.15:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.16:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.17:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.18:*:*:*:*:*:*:*
- (no CPE)range: <8.19
- Range: <8.19
Patches
Vulnerability mechanics
References
3- www.iss.net/security_center/static/10520.phpnvdPatchVendor Advisory
- bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jspnvdVendor Advisory
- www.securityfocus.com/bid/6647nvd
News mentions
0No linked articles in our index yet.