cbcvebase.
CVE-2002-1066
published 2002-10-04

CVE-2002-1066: Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index…

PriorityP428high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
4.09%
89.5th percentile
Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and allows a buffer overflow attack.

Affected

7 ranges
VendorProductVersion rangeFixed in
t_hauckjana_web_server
t_hauckjana_web_server
t_hauckjana_web_server
t_hauckjana_web_server
t_hauckjana_web_server
t_hauckjana_web_server
t_hauckjana_web_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.