Vulnerabilities > CVE-2002-1973
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
Exploit-Db
description | Microsoft Foundation Class Library 7.0 ISAPI Buffer Overflow Vulnerability. CVE-2002-1973 . Remote exploit for windows platform |
id | EDB-ID:21601 |
last seen | 2016-02-02 |
modified | 2002-07-08 |
published | 2002-07-08 |
reporter | Matthew Murphy |
source | https://www.exploit-db.com/download/21601/ |
title | Microsoft Foundation Class Library 7.0 ISAPI Buffer Overflow Vulnerability |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0135.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0144.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0145.html
- http://www.securityfocus.com/bid/5188
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9529
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B216562
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B310649