Vulnerability Details CVE-2001-0173
Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.049
EPSS Ranking 88.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/bugtraq/2001-01/0486.html
- http://www.securityfocus.com/bid/2329
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6033
- http://archives.neohapsis.com/archives/bugtraq/2001-01/0486.html
- http://www.securityfocus.com/bid/2329
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6033
Products affected by CVE-2001-0173
-
cpe:2.3:a:nobreak_technologies:crazywwwboard:2000.0lepx
-
cpe:2.3:a:nobreak_technologies:crazywwwboard:2000.0px
-
cpe:2.3:a:nobreak_technologies:crazywwwboard:2000lepx
-
cpe:2.3:a:nobreak_technologies:crazywwwboard:2000px
-
cpe:2.3:a:nobreak_technologies:crazywwwboard:3.0.1
-
cpe:2.3:a:nobreak_technologies:crazywwwboard:98
-
cpe:2.3:a:nobreak_technologies:crazywwwboard:98pe
-
cpe:2.3:a:qdecoder:qdecoder:4.0
-
cpe:2.3:a:qdecoder:qdecoder:4.0.1
-
cpe:2.3:a:qdecoder:qdecoder:4.3
-
cpe:2.3:a:qdecoder:qdecoder:4.3.1
-
cpe:2.3:a:qdecoder:qdecoder:5.0
-
cpe:2.3:a:qdecoder:qdecoder:5.0.1
-
cpe:2.3:a:qdecoder:qdecoder:5.0.2
-
cpe:2.3:a:qdecoder:qdecoder:5.0.3