Back to search
CVE-2002-0371
Published: Jun 15, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
4930
vdb-entry
x_refsource_BID
ie-gopher-bo(9247)
vdb-entry
x_refsource_XF
20020604 Buffer overflow in MSIE gopher code
mailing-list
x_refsource_BUGTRAQ
20020613 Microsoft releases critical fix that breaks their own software!
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:98
vdb-entry
signature
x_refsource_OVAL
VU#440275
third-party-advisory
x_refsource_CERT-VN
MS02-027
vendor-advisory
x_refsource_MS
20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70
mailing-list
x_refsource_BUGTRAQ
http://www.pivx.com/workaround_fail.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now