CVE-2002-0686

Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter.

Published: Jul 23, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0686
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
iplanet / iplanet_web_server	4.1	4.1.x
iplanet / iplanet_web_server	6.0	6.0.x

http://marc.info/?l=bugtraq&m=102622220416889&w=2
http://www.iss.net/security_center/static/9506.php
http://www.kb.cert.org/vuls/id/612843
http://www.nextgenss.com/vna/sun-iws.txt
http://www.securityfocus.com/bid/4851

Vulnerability Database

289,599

CVE-2002-0686