CVE-2002-2258

Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mobydisk:netsuite:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:43

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2002-11/0364.html - () http://archives.neohapsis.com/archives/bugtraq/2002-11/0364.html -
References () http://www.securityfocus.com/bid/6277 - Exploit () http://www.securityfocus.com/bid/6277 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/10725 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/10725 -

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:43


NVD link : CVE-2002-2258

Mitre link : CVE-2002-2258

CVE.ORG link : CVE-2002-2258


JSON object : View

Products Affected

mobydisk

  • netsuite
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer