7.5

CVE-2001-0949

EPSS 5.68%
Veröffentlicht 04.12.2001 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpiredCRLs, (4) listenLength, (5) maxThread, (6) maxConnPerSite, (7) maxMsgLen, (8) exitTime, (9) blockTime, (10) nextUpdatePeriod, (11) buildLocal, (12) maxOCSPValidityPeriod, (13) extension, and (14) a particular combination of parameters associated with private key generation that form a string of a certain length.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 20

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Valicert ≫ Enterprise Validation Authority Version3.3

Valicert ≫ Enterprise Validation Authority Version3.4

Valicert ≫ Enterprise Validation Authority Version3.5

Valicert ≫ Enterprise Validation Authority Version3.6

Valicert ≫ Enterprise Validation Authority Version3.7

Valicert ≫ Enterprise Validation Authority Version3.8

Valicert ≫ Enterprise Validation Authority Version3.9

Valicert ≫ Enterprise Validation Authority Version4.0

Valicert ≫ Enterprise Validation Authority Version4.1

Valicert ≫ Enterprise Validation Authority Version4.2

Valicert ≫ Enterprise Validation Authority Version4.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	5.68%	0.9

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=100749428517090&w=2

http://www.valicert.com/support/security_advisory_eva.html

Vendor Advisory

URL Repurposed

http://www.securityfocus.com/bid/3621

Patch

Vendor Advisory

http://www.securityfocus.com/bid/3622

http://www.securityfocus.com/bid/3624

http://www.securityfocus.com/bid/3625

http://www.securityfocus.com/bid/3627

http://www.securityfocus.com/bid/3628

http://www.securityfocus.com/bid/3629

http://www.securityfocus.com/bid/3630

http://www.securityfocus.com/bid/3631

http://www.securityfocus.com/bid/3632

http://www.securityfocus.com/bid/3633

http://www.securityfocus.com/bid/3634

http://www.securityfocus.com/bid/3635

http://www.securityfocus.com/bid/3636

https://exchange.xforce.ibmcloud.com/vulnerabilities/7652

https://nvd.nist.gov/vuln/detail/CVE-2001-0949

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-0949

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-0949

EUVD