CVE-2002-0843Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Http Server

5 documents5 sources
Severity
7.5HIGHNVD
EPSS
3.8%
top 11.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apache Http ServerOracle Application ServerOracle Database Server+1 more
Timeline
PublishedOct 11
Latest updateMay 3

Description

Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

NVDapache/http_server18 versions+17
NVDoracle/database_server8.1.7, 9.2.2+1
NVDoracle/application_server5 versions+4
NVDoracle/oracle8i4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-v5cr-9693-q9cg: Buffer overflows in the ApacheBench benchmark support program (ab2022-05-03
CVEList
CVE-2002-0843: Buffer overflows in the ApacheBench benchmark support program (ab2002-10-05

📋Vendor Advisories

1
Red Hat
security flaw2002-10-03

💬Community

1
Bugzilla
CVE-2002-0843 security flaw2018-08-16
CVE-2002-0843 — Apache Http Server vulnerability | cvebase