CVE-2002-1310

4 documents4 sources

Severity

7.5HIGH

EPSS

3.3%

top 12.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Macromedia Jrun

Timeline

PublishedNov 29

Latest updateApr 30

Description

Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmacromedia/jrun4.0

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-223r-j88r-q3hw: Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4↗2022-04-30

▶

CVEList

CVE-2002-1310: Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4↗2002-11-21

▶

💥Exploits & PoCs

Exploit-DB

Symantec Norton AntiVirus 2002/2003 - Device Driver Memory Overwrite↗2003-08-02

▶