CVE-2002-1721
HIGHaltermime 0.1.10 and 0.1.11 - Denial of Service via x-header Off-by-one Error
Title source: llmDescription
Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/8992
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4650
Release Notes x_refsource_confirm
http://www.pldaniels.com/altermime/CHANGELOG
Scores
CVSS v3
7.5
EPSS
0.0226
EPSS Percentile
80.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-193
Status
published
Products (2)
pldaniels/altermime
0.1.10
pldaniels/altermime
0.1.11
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026