Published: 31/12/2002 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote malicious users to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.

Vulnerable Product	Search on Vulmon	Subscribe to Product
working resources inc. badblue personal_1.7.3
microsoft foundation class library 7.0

source: wwwsecurityfocuscom/bid/5188/info The Microsoft Foundation Class Library is a library used to develop applications for Microsoft Windows Some versions of the MFC include an ISAPI class, which can be used to construct applications which extend web server functionality Reportedly, a possible vulnerability exists in some versions ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0135.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0144.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0145.html http://www.securityfocus.com/bid/5188 https://exchange.xforce.ibmcloud.com/vulnerabilities/9529 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B216562 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B310649 https://nvd.nist.gov https://www.exploit-db.com/exploits/21601/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1973

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect