7.5
CVE-2002-0002
- EPSS 5.28%
- Veröffentlicht 31.01.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Engardelinux ≫ Secure Linux Version1.0.1
Mandrakesoft ≫ Mandrake Linux Version8.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.28% | 0.915 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=stunnel-users&m=100869449828705&w=2
http://online.securityfocus.com/archive/1/247427
http://online.securityfocus.com/archive/1/248149
http://stunnel.mirt.net/news.html
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3
http://www.redhat.com/support/errata/RHSA-2002-002.html
http://www.securityfocus.com/bid/3748
https://exchange.xforce.ibmcloud.com/vulnerabilities/7741