HIGH🇵🇱 Wersja polska

CVE-2002-0002

CVSS 7.5v2.0pub. 2002-01-31upd. 2026-04-16

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Engardelinux Secure Linux

    OS
    Engardelinux
    1.0.1
  • Mandrakesoft Mandrake Linux

    OS
    Mandrakesoft
    8.1
  • Red Hat Linux

    OS
    Redhat
    7.2
  • Stunnel

    APP
    Stunnel
    3.103.113.123.133.143.153.163.173.183.193.203.213.21a3.21b3.21c+ 7 więcej
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2002-0083CRITICAL9.8ten sam produkt

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious serve...

CVE-1999-0043CRITICAL9.8ten sam produkt

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages...

CVE-2025-36049HIGH8.8ten sam produkt

IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injec...

CVE-2025-36048HIGH7.2ten sam produkt

IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their...

CVE-2024-38319HIGH7.5ten sam produkt

IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially...