CVE-2002-1973

Microsoft Foundation Class Library - Buffer Overflow in CHttpServer::OnParseError via Long Query String

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1973. PoCs published by Matthew Murphy.

AI-analyzed exploit summary: This exploit demonstrates a heap overflow vulnerability in the Microsoft Foundation Class (MFC) ISAPI framework by sending a malformed HTTP POST request with a misleading Content-Length header. It targets servers using vulnerable MFC ISAPI extensions, leading to a denial of service (DoS) condition.

Description

Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Matthew Murphy · c · remote · windows
https://www.exploit-db.com/exploits/21601

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Microsoft Foundation Class Library (MFC) ISAPI Framework (versions with vulnerable ISAPI class)
No auth needed
Prerequisites: Network access to the target server · Target server running an application compiled with vulnerable MFC ISAPI classes
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Vendor Advisory vendor-advisory x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B216562
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/9529
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5188
Vendor Advisory vendor-advisory x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B310649
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.html
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0135.html
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0144.html

Scores

EPSS 0.4005
EPSS Percentile 98.4%

Details

Status published
Products (2)
microsoft/foundation_class_library 7.0
working_resources_inc./badblue personal_1.7.3
Published Dec 31, 2002
Tracked Since Feb 18, 2026