CVE-2002-0392
published 2002-07-03CVE-2002-0392: Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
EXPLOIT
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | 1.2.2 – 1.3.24 | — |
| apache | http_server | 2.0.0 – 2.0.36 | — |
| debian | apache2 | < apache2 2.0.37 (bookworm) | apache2 2.0.37 (bookworm) |
| debian | debian_linux | — | — |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vulncheck7.5HIGH