CVE-2002-1973 Information
Description
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0 and 6.0 before SP3 as used in multiple products including BadBlue allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
Reference
http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0135.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0144.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0145.html http://support.microsoft.com/default.aspx?scid=kb;[LN];216562 http://support.microsoft.com/default.aspx?scid=kb;[LN];310649 http://www.securityfocus.com/bid/5188 https://exchange.xforce.ibmcloud.com/vulnerabilities/9529
Share on: