VDB
CVE-2002-0843
CVE-2002-0843
PUBLISHED
CVSS 7.5 HIGH
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
EPSS 3.77% · 88.3th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
3.77%
88.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apache | http_server | 1.3.20, 1.3.22, 1.3.25 |
| oracle | application_server | 1.0.2, 1.0.2.1s, 1.0.2.2 |
| oracle | database_server | 8.1.7, 9.2.2 |
| oracle | oracle8i | 8.1.7.1, 8.1.7.0.0_enterprise, 8.1.7 |
| n/a | n/a | n/a |
Exploit Intelligence
- DSA-188 (circl)
- CLSA-2002:530 (circl)
- http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2 (circl)
- ESA-20021007-024 (circl)
- 5996 (circl)
- IY87070 (circl)
- 20021105-01-I (circl)
- HPSBUX0210-224 (circl)
- ADV-2006-3263 (circl)
- 20021016 Apache 1.3.26 (circl)
…and 18 more exploits
Timeline
- Oct 5, 2002 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 3, 2022 CVE Updated
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- DSA-188 vendor-advisory
- CLSA-2002:530 vendor-advisory
- http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2 url
- ESA-20021007-024 vendor-advisory
- 5996 vdb
- IY87070 vendor-advisory
- 20021105-01-I vendor-advisory
- HPSBUX0210-224 vendor-advisory
- ADV-2006-3263 vdb
- 20021016 Apache 1.3.26 mailing-list
- DSA-187 vendor-advisory
- http://www.apacheweek.com/issues/02-10-04 url
- 5887 vdb
- DSA-195 vendor-advisory
- 20021003 [OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache) mailing-list
- MDKSA-2002:068 vendor-advisory
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2871 url
- CLA-2002:530 vendor-advisory
- 21425 third-party-advisory
- 20021017 TSLSA-2002-0069-apache mailing-list
…and 15 more