Vulnerability Details CVE-2002-1496
Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.225
EPSS Ranking 97.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0284.html
- http://freshmeat.net/releases/97910/
- http://www.iss.net/security_center/static/10160.php
- http://www.securityfocus.com/bid/5774
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0284.html
- http://freshmeat.net/releases/97910/
- http://www.iss.net/security_center/static/10160.php
- http://www.securityfocus.com/bid/5774
Products affected by CVE-2002-1496
-
cpe:2.3:a:nulllogic:null_httpd:*