Vulnerability Database

300,444

Total vulnerabilities in the database

CVE-2002-0002

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

Published: Jan 31, 2002
Updated: Nov 9, 2025
CVE: CVE-2002-0002
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
stunnel / stunnel	3.21c	3.21c.x
stunnel / stunnel	3.7	3.7.x
stunnel / stunnel	3.3	3.3.x
stunnel / stunnel	3.21b	3.21b.x
stunnel / stunnel	3.14	3.14.x
stunnel / stunnel	3.4a	3.4a.x
stunnel / stunnel	3.22	3.22.x
stunnel / stunnel	3.18	3.18.x
stunnel / stunnel	3.20	3.20.x
stunnel / stunnel	3.15	3.15.x
stunnel / stunnel	3.24	3.24.x
stunnel / stunnel	3.11	3.11.x
stunnel / stunnel	3.8	3.8.x
stunnel / stunnel	3.21	3.21.x
stunnel / stunnel	3.13	3.13.x
stunnel / stunnel	3.17	3.17.x
stunnel / stunnel	3.10	3.10.x
stunnel / stunnel	3.16	3.16.x
stunnel / stunnel	3.9	3.9.x
stunnel / stunnel	3.12	3.12.x
stunnel / stunnel	3.21a	3.21a.x
stunnel / stunnel	3.19	3.19.x
redhat / linux	7.2	7.2.x
mandrakesoft / mandrake_linux	8.1	8.1.x
engardelinux / secure_linux	1.0.1	1.0.1.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo