CVE-2002-2251

Marcos Luiz Onisto Lib CGI 0.1 - Buffer Overflow in changevalue Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-2251. PoCs published by Xpl017Elz.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the Lib CGI library (CVE-2002-2251) by sending a maliciously crafted HTTP POST request to overwrite the frame pointer and execute arbitrary shellcode. The PoC includes configurable shellcode and addresses for flexibility.

Description

Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Xpl017Elz · cremoteunix

https://www.exploit-db.com/exploits/22049

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the Lib CGI library (CVE-2002-2251) by sending a maliciously crafted HTTP POST request to overwrite the frame pointer and execute arbitrary shellcode. The PoC includes configurable shellcode and addresses for flexibility.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Lib CGI (libcgi.h) in C applications

No auth needed

Prerequisites: Vulnerable Lib CGI library in use · Network access to the target web server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2002-11/0330.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/10715

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/6264

Scores

EPSS 0.0658

EPSS Percentile 93.0%

Details

CWE

CWE-119

Status published

Products (1)

marcos_luiz_onisto/lib_cgi 0.1

Published Dec 31, 2002

Tracked Since Feb 18, 2026