QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2002-1973

Back to search

CVE-2002-1973

Published: Jun 28, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.

VendorProductVersions

n/a

n/a

affected
n/a

References

216562
vendor-advisory
x_refsource_MSKB
mfc-lib-isapi-bo(9529)
vdb-entry
x_refsource_XF
5188
vdb-entry
x_refsource_BID
20020712 MFC Overflow Test Code
mailing-list
x_refsource_BUGTRAQ
310649
vendor-advisory
x_refsource_MSKB
20020711 MFC ISAPI Framework Buffer Overflow
mailing-list
x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now