CVE-2002-0371

Microsoft Internet Explorer 5.1-6.0 - Remote Code Execution via Gopher URL Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0371. PoCs published by [email protected].

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Microsoft Internet Explorer, Proxy Server, and ISA Server's gopher client. It includes shellcode designed to execute arbitrary code on vulnerable systems, specifically tested on Korean versions of Windows 2000 and Windows Me.

Description

Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.

Exploits (1)

exploitdb WORKING POC VERIFIED

by [email protected] · perlremotewindows

https://www.exploit-db.com/exploits/21510

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Microsoft Internet Explorer, Proxy Server, and ISA Server's gopher client. It includes shellcode designed to execute arbitrary code on vulnerable systems, specifically tested on Korean versions of Windows 2000 and Windows Me.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Internet Explorer, Proxy Server, and ISA Server (gopher client)

No auth needed

Prerequisites: Vulnerable version of Microsoft Internet Explorer, Proxy Server, or ISA Server · Ability to entice a user to connect to a malicious gopher server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →