Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2002-0525

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.

  • Published: Aug 12, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-0525
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
isc / inn 2.2 2.2.x
isc / inn 2.2.2 2.2.2.x
isc / inn 2.0 2.0.x
isc / inn 2.1 2.1.x
isc / inn 2.2.1 2.2.1.x
isc / inn 2.2.3 2.2.3.x