CVE-2002-1918
published 2002-12-31CVE-2002-1918: Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack…
PriorityP335critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
16.40%
96.6th percentile
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | data_access_components | — | — |
| microsoft | data_access_components | — | — |
| microsoft | data_access_components | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p8ff-f8wj-v664: Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2
ghsa_unreviewed·2022-04-30
CVE-2002-1918 [HIGH] GHSA-p8ff-f8wj-v664: Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED.
Red Hat
tar archive path traversal issue
vendor_redhat·2003-07-21·CVSS 5.0
CVE-2005-1918 [MEDIUM] tar archive path traversal issue
tar archive path traversal issue
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
No detection rules found.
No public exploits indexed.
2002-12-31
Published