Vulnerability Details CVE-2002-0533
phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0005.html
- http://marc.info/?l=bugtraq&m=101794993119738&w=2
- http://online.securityfocus.com/archive/1/265798
- http://www.iss.net/security_center/static/8764.php
- http://www.securityfocus.com/bid/4432
- http://www.securityfocus.com/bid/4434
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0005.html
- http://marc.info/?l=bugtraq&m=101794993119738&w=2
- http://online.securityfocus.com/archive/1/265798
- http://www.iss.net/security_center/static/8764.php
- http://www.securityfocus.com/bid/4432
- http://www.securityfocus.com/bid/4434
Products affected by CVE-2002-0533
-
cpe:2.3:a:phpbb_group:phpbb:1.0.0
-
cpe:2.3:a:phpbb_group:phpbb:1.2.0
-
cpe:2.3:a:phpbb_group:phpbb:1.2.1
-
cpe:2.3:a:phpbb_group:phpbb:1.4.0
-
cpe:2.3:a:phpbb_group:phpbb:1.4.1
-
cpe:2.3:a:phpbb_group:phpbb:1.4.2
-
cpe:2.3:a:phpbb_group:phpbb:1.4.4