CVE-2000-0622

Oreilly Website Professional - Buffer Overflow

Title source: rule

Description

Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Robert Horton · cremotewindows

https://www.exploit-db.com/exploits/20086

View Code ZIP pw:eip

References (4)

[Various Sources] http://website.oreilly.com/support/software/wspro25_releasenotes.txt

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/1487

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/4962

[Various Sources] http://www.nai.com/research/covert/advisories/043.asp

Scores

EPSS 0.0862

EPSS Percentile 92.5%

Details

Status published

Products (3)

oreilly/website_professional 2.3.18

oreilly/website_professional 2.4

oreilly/website_professional 2.4.9

Published Jul 19, 2000

Tracked Since Feb 18, 2026