Vulnerabilities > CVE-2002-1780 - Denial-Of-Service vulnerability in Alcatech Gmbh BPM Studio PRO 4.2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

alcatech-gmbh

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves.

Vulnerable Configurations

Part	Description	Count
Application	Alcatech_Gmbh Alcatech Gmbh BPM Studio PRO 4.2	1

References

http://online.securityfocus.com/archive/1/258644
http://online.securityfocus.com/archive/1/258986
https://exchange.xforce.ibmcloud.com/vulnerabilities/8299