[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2002-0371Date: (C)2002-07-03   (M)2023-12-22


Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://marc.info/?l=bugtraq&m=102320516707940&w=2
http://online.securityfocus.com/archive/1/276848
http://marc.info/?l=bugtraq&m=102397955217618&w=2
BID-4930
MS02-027
VU#440275
http://www.pivx.com/workaround_fail.html
ie-gopher-bo(9247)
oval:org.mitre.oval:def:98

CPE    3
cpe:/a:microsoft:isa_server:2000
cpe:/a:microsoft:proxy_server:2.0
cpe:/a:microsoft:isa_server:2000:sp1
OVAL    1
oval:org.mitre.oval:def:98

© SecPod Technologies