CVE-2002-2294

EPSS 1.17%
Published 31.12.2002 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Symantec ≫ Enterprise Firewall Version6.5.2 Editionwindows_2000_nt

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Enterprise Firewall Version7.0 Editionsolaris

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Enterprise Firewall Version7.0 Editionwindows_2000_nt

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Raptor Firewall Version6.5 Editionwindows_nt

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Raptor Firewall Version6.5.3 Editionsolaris

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Velociraptor Versionmodel_500

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Velociraptor Versionmodel_700

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Velociraptor Versionmodel_1000

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Velociraptor Versionmodel_1100

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Velociraptor Versionmodel_1200

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Symantec ≫ Velociraptor Versionmodel_1300

   Symantec ≫ Gateway Security Version5110_1.0
   Symantec ≫ Gateway Security Version5200_1.0
   Symantec ≫ Gateway Security Version5300

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.17%	0.767

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/6389

Patch

http://www.symantec.com/avcenter/security/Content/2002.12.12.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/10862

https://nvd.nist.gov/vuln/detail/CVE-2002-2294

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-2294

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-2294

EUVD