HIGH🇬🇧 English

CVE-2002-0002

CVSS 7.5v2.0pub. 2002-01-31upd. 2026-04-16

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Engardelinux Secure Linux

    OS
    Engardelinux
    1.0.1
  • Mandrakesoft Mandrake Linux

    OS
    Mandrakesoft
    8.1
  • Red Hat Linux

    OS
    Redhat
    7.2
  • Stunnel

    APP
    Stunnel
    3.103.113.123.133.143.153.163.173.183.193.203.213.21a3.21b3.21c+ 7 więcej
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2002-0083CRITICAL9.8ten sam produkt

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious serve...

CVE-1999-0043CRITICAL9.8ten sam produkt

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages...

CVE-2025-36049HIGH8.8ten sam produkt

IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injec...

CVE-2025-36048HIGH7.2ten sam produkt

IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their...

CVE-2024-38319HIGH7.5ten sam produkt

IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially...