Vulnerability Details CVE-2002-0586
Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0195.html
- http://sourceforge.net/tracker/index.php?func=detail&aid=533141&group_id=3152&atid=303152
- http://www.iss.net/security_center/static/8860.php
- http://www.securityfocus.com/bid/4535
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0195.html
- http://sourceforge.net/tracker/index.php?func=detail&aid=533141&group_id=3152&atid=303152
- http://www.iss.net/security_center/static/8860.php
- http://www.securityfocus.com/bid/4535
Products affected by CVE-2002-0586
-
cpe:2.3:a:aol:aol_server:3.0
-
cpe:2.3:a:aol:aol_server:3.1
-
cpe:2.3:a:aol:aol_server:3.2
-
cpe:2.3:a:aol:aol_server:3.2.1
-
cpe:2.3:a:aol:aol_server:3.3
-
cpe:2.3:a:aol:aol_server:3.3.1
-
cpe:2.3:a:aol:aol_server:3.4
-
cpe:2.3:a:aol:aol_server:3.4.1
-
cpe:2.3:a:aol:aol_server:3.4.2