VDB
CVE-2002-0366
CVE-2002-0366
PUBLISHED
CVSS 7.199999809265137 HIGH
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
EPSS 0.54% · 67.9th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
0.54%
67.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| microsoft | windows_xp | |
| microsoft | windows_2000 | |
| microsoft | windows_nt | 4.0, 4.0, 4.0 |
Timeline
- Jul 3, 2002 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
References
- oval:org.mitre.oval:def:63 vdb
- 20020613 Microsoft RASAPI32.DLL mailing-list
- oval:org.mitre.oval:def:61 vdb
- 20020620 VPN and Q318138 mailing-list
- http://www.nextgenss.com/vna/ms-ras.txt url
- 4852 vdb
- MS02-029 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2002-0366 advisory