Vulnerability Details CVE-2002-1062
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9684.php
- http://www.securityfocus.com/bid/5321
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9684.php
- http://www.securityfocus.com/bid/5321
Products affected by CVE-2002-1062
-
cpe:2.3:a:t._hauck:jana_web_server:1.0
-
cpe:2.3:a:t._hauck:jana_web_server:1.45
-
cpe:2.3:a:t._hauck:jana_web_server:1.46
-
cpe:2.3:a:t._hauck:jana_web_server:2.0
-
cpe:2.3:a:t._hauck:jana_web_server:2.0_beta1
-
cpe:2.3:a:t._hauck:jana_web_server:2.0_beta2
-
cpe:2.3:a:t._hauck:jana_web_server:2.2.1