Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1766

4 documents4 sources
Severity
4.6MEDIUM
EPSS
0.5%
top 36.19%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Netscape Communicator
Timeline
PublishedDec 31
Latest updateApr 30

Description

Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-25wv-pf2x-9jpv: Buffer overflow in Composer in Netscape 42022-04-30
CVEList
CVE-2002-1766: Buffer overflow in Composer in Netscape 42005-06-21

💥Exploits & PoCs

1
Exploit-DB
Netscape 4.77 - Composer Font Face Field Buffer Overflow2002-06-13
CVE-2002-1766 (MEDIUM CVSS 4.6) | Buffer overflow in Composer in Nets | cvebase.io