CVE-2002-2421

acWEB 1.14 - Denial of Service via MS-DOS Device Name Request

Title source: llm
STIX 2.1

Description

acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2.

References (2)

Core 2
Core References
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-09/0304.html
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10190.php

Scores

EPSS 0.0127
EPSS Percentile 66.4%

Details

CWE
CWE-20
Status published
Products (1)
andrey_cherezov/acweb 1.14
Published Dec 31, 2002
Tracked Since Feb 18, 2026