CVE-2002-1973
CVE-2002-1973
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/21601unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0135.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0144.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0145.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/9529http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B216562http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B310649http://www.securityfocus.com/bid/5188