What is CVE-2002-0364?

CVE-2002-0364 is a vulnerability in N/a. Published 2003-04-02.

Is CVE-2002-0364 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromi…

EPSS: 0.624 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

4855 (vdb-entry, x_refsource_BID)
MS02-028 (x_refsource_MS, vendor-advisory)
VU#313819 (x_refsource_CERT-VN, third-party-advisory)
20020612 ADVISORY: Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow (mailing-list, x_refsource_NTBUGTRAQ)
iis-htr-chunked-encoding-bo(9327) (vdb-entry, x_refsource_XF)
20020613 VNA - .HTR HEAP OVERFLOW (mailing-list, x_refsource_BUGTRAQ)
20020612 ADVISORY: Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow [AD20020612] (mailing-list, x_refsource_VULNWATCH)
oval:org.mitre.oval:def:182 (signature, x_refsource_OVAL, vdb-entry)
20020612 ADVISORY: Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow [AD20020612] (mailing-list, x_refsource_BUGTRAQ)
oval:org.mitre.oval:def:29 (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2002-0364?: CVE-2002-0364 is a vulnerability in N/a. Published 2003-04-02.
Is CVE-2002-0364 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.