CVE-2002-0371

Description

Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.

Related CPE's

Could not find any relations

References

20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70

VU#440275

US Government Resource

http://www.pivx.com/workaround_fail.html

ie-gopher-bo(9247)

4930

20020613 Microsoft releases critical fix that breaks their own software!

20020604 Buffer overflow in MSIE gopher code

oval:org.mitre.oval:def:98

MS02-027

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:P/I:P/A:P

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

PARTIAL

IntegrityImpact

PARTIAL

AvailabilityImpact

PARTIAL

BaseScore

7.5

Created by Yello
About Severity.io