CVE-2002-0053 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows NT

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

7.5HIGHNVD

CNA10.0

EPSS

49.1%

top 2.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows NT

Timeline

PublishedMar 8

Latest updateApr 30

Description

Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0

Patches

Patch: www.cert.org ↗Patch: www.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-j3wm-r3jm-rxjg: Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4↗2022-04-30

▶

CVEList

CVE-2002-0053: Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4↗2002-02-18

▶

💬Community

Bugzilla

CVE-2002-1903 pine username disclosure issue↗2005-07-11

▶