Vulnerability Description
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 5.0.1 |
| Microsoft | Isa Server | 2000 |
| Microsoft | Proxy Server | 2.0 |
| University Of Minnesota | Gopher | All versions |
References
- http://marc.info/?l=bugtraq&m=102320516707940&w=2
- http://marc.info/?l=bugtraq&m=102397955217618&w=2
- http://online.securityfocus.com/archive/1/276848
- http://www.iss.net/security_center/static/9247.php
- http://www.kb.cert.org/vuls/id/440275US Government Resource
- http://www.pivx.com/workaround_fail.html
- http://www.securityfocus.com/bid/4930
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-02
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://marc.info/?l=bugtraq&m=102320516707940&w=2
- http://marc.info/?l=bugtraq&m=102397955217618&w=2
- http://online.securityfocus.com/archive/1/276848
- http://www.iss.net/security_center/static/9247.php
- http://www.kb.cert.org/vuls/id/440275US Government Resource
- http://www.pivx.com/workaround_fail.html
FAQ
What is CVE-2002-0371?
CVE-2002-0371 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redire...
How severe is CVE-2002-0371?
CVE-2002-0371 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0371?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer, Microsoft Isa Server, Microsoft Proxy Server, University Of Minnesota Gopher.