Vulnerabilities > CVE-2003-0762 - Remote Security vulnerability in Foxweb 2.5

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
foxweb
nessus
exploit available

Summary

Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).

Vulnerable Configurations

Part Description Count
Application
Foxweb
1

Exploit-Db

descriptionFoxWeb 2.5 PATH_INFO Remote Buffer Overrun Vulnerability. CVE-2003-0762. Dos exploit for windows platform
idEDB-ID:23102
last seen2016-02-02
modified2003-06-27
published2003-06-27
reporterpokleyzz
sourcehttps://www.exploit-db.com/download/23102/
titleFoxWeb 2.5 PATH_INFO Remote Buffer Overrun Vulnerability

Nessus

NASL familyCGI abuses
NASL idFOXWEB_DLL.NASL
descriptionThe foxweb.dll or foxweb.exe CGI is installed. Versions 2.5 and below of this CGI program have a remote stack buffer overflow. A remote attacker could use this to crash the web server, or possibly execute arbitrary code. ** Since Nessus just verified the presence of the CGI but could ** not check the version number, this might be a false alarm.
last seen2020-06-01
modified2020-06-02
plugin id11939
published2003-12-04
reporterThis script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/11939
titleFoxweb foxweb.exe / foxweb.dll Long URL Remote Overflow