Lucene search
HistoryOct 04, 2002 - 4:00 a.m.
CVE-2002-1062
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
High
EPSS
0.019
Percentile
88.7%
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
Affected configurations
Node
t._hauckjana_web_serverMatch1.0
ORt._hauckjana_web_serverMatch1.45
ORt._hauckjana_web_serverMatch1.46
ORt._hauckjana_web_serverMatch2.0
ORt._hauckjana_web_serverMatch2.0_beta1
ORt._hauckjana_web_serverMatch2.0_beta2
ORt._hauckjana_web_serverMatch2.2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| t._hauck | jana_web_server | 1.0 | cpe:2.3:a:t._hauck:jana_web_server:1.0:*:*:*:*:*:*:* |
| t._hauck | jana_web_server | 1.45 | cpe:2.3:a:t._hauck:jana_web_server:1.45:*:*:*:*:*:*:* |
| t._hauck | jana_web_server | 1.46 | cpe:2.3:a:t._hauck:jana_web_server:1.46:*:*:*:*:*:*:* |
| t._hauck | jana_web_server | 2.0 | cpe:2.3:a:t._hauck:jana_web_server:2.0:*:*:*:*:*:*:* |
| t._hauck | jana_web_server | 2.0_beta1 | cpe:2.3:a:t._hauck:jana_web_server:2.0_beta1:*:*:*:*:*:*:* |
| t._hauck | jana_web_server | 2.0_beta2 | cpe:2.3:a:t._hauck:jana_web_server:2.0_beta2:*:*:*:*:*:*:* |
| t._hauck | jana_web_server | 2.2.1 | cpe:2.3:a:t._hauck:jana_web_server:2.2.1:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
High
EPSS
0.019
Percentile
88.7%
Related for NVD:CVE-2002-1062