CVE-2002-0364

EPSS 65.66%
Published 03.07.2002 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Internet Information Server Version4.0

Microsoft ≫ Internet Information Services Version5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	65.66%	0.985

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0099.html

http://marc.info/?l=bugtraq&m=102392069305962&w=2

http://marc.info/?l=ntbugtraq&m=102392308608100&w=2

http://online.securityfocus.com/archive/1/276767

http://www.iss.net/security_center/static/9327.php

http://www.kb.cert.org/vuls/id/313819

US Government Resource

http://www.securityfocus.com/bid/4855

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-028

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A182

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A29

https://nvd.nist.gov/vuln/detail/CVE-2002-0364

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0364

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0364

EUVD