Vulnerability Description
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| T. Hauck | Jana Web Server | 1.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9684.phpVendor Advisory
- http://www.securityfocus.com/bid/5321PatchVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9684.phpVendor Advisory
- http://www.securityfocus.com/bid/5321PatchVendor Advisory
FAQ
What is CVE-2002-1062?
CVE-2002-1062 is a vulnerability with a CVSS score of 7.5 (HIGH). Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
How severe is CVE-2002-1062?
CVE-2002-1062 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1062?
Check the references section above for vendor advisories and patch information. Affected products include: T. Hauck Jana Web Server.