CVE-2002-1992

Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header.

Published: Dec 31, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1992
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
macromedia / coldfusion_professional	-	-
macromedia / coldfusion	-	-

http://www.iss.net/security_center/static/9460.php
http://www.macromedia.com/v1/handlers/index.cfm?ID=23161
http://www.securityfocus.com/bid/5121

Vulnerability Database

289,697

CVE-2002-1992