CVE-2002-1973
published 2002-12-31CVE-2002-1973: Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
40.05%
98.4th percentile
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | foundation_class_library | — | — |
| working_resources_inc | badblue | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0135.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0144.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0145.htmlhttp://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B216562http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B310649http://www.securityfocus.com/bid/5188https://exchange.xforce.ibmcloud.com/vulnerabilities/9529http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0135.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0144.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0145.htmlhttp://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B216562http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B310649http://www.securityfocus.com/bid/5188https://exchange.xforce.ibmcloud.com/vulnerabilities/9529
2002-12-31
Published