VDB
CVE-2003-0220
CVE-2003-0220
PUBLISHED
CVSS 7.5 HIGH
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
EPSS 80.50% · 99.2th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
80.50%
99.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| kerio | personal_firewall_2 | 2.1, 2.1.1, 2.1.2 |
| n/a | n/a | n/a |
Timeline
- Apr 28, 2003 CVE Published
- Jun 15, 2010 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 14, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- VU#454716 third-party-advisory
- 7180 vdb
- 20030428 CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall mailing-list
- http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10 url
- https://nvd.nist.gov/vuln/detail/CVE-2003-0220 advisory