Lucene search

[email protected]NVD:CVE-2002-1783

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1783

2002-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.266

Percentile

96.8%

JSON

CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.

Affected configurations

Nvd

Node

phpphpMatch3.0.14

phpphpMatch3.0.15

phpphpMatch3.0.16

phpphpMatch3.0.17

phpphpMatch3.0.18

phpphpMatch4.0.3

phpphpMatch4.0.4

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

VendorProductVersionCPE
phpphp3.0.14cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*
phpphp3.0.15cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*
phpphp3.0.16cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*
phpphp3.0.17cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*
phpphp3.0.18cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*
phpphp4.0.3cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
phpphp4.0.4cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
phpphp4.0.5cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*
phpphp4.0.6cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*
phpphp4.0.7cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php	php	3.0.14	cpe:2.3:a:php:php:3.0.14:::::::*
php	php	3.0.15	cpe:2.3:a:php:php:3.0.15:::::::*
php	php	3.0.16	cpe:2.3:a:php:php:3.0.16:::::::*
php	php	3.0.17	cpe:2.3:a:php:php:3.0.17:::::::*
php	php	3.0.18	cpe:2.3:a:php:php:3.0.18:::::::*
php	php	4.0.3	cpe:2.3:a:php:php:4.0.3:::::::*
php	php	4.0.4	cpe:2.3:a:php:php:4.0.4:::::::*
php	php	4.0.5	cpe:2.3:a:php:php:4.0.5:::::::*
php	php	4.0.6	cpe:2.3:a:php:php:4.0.6:::::::*
php	php	4.0.7	cpe:2.3:a:php:php:4.0.7:::::::*

Rows per page:

1-10 of 171

References

archives.neohapsis.com/archives/bugtraq/2002-09/0086.html

archives.neohapsis.com/archives/bugtraq/2002-09/0132.html

www.debian.org/security/2002/dsa-168

www.securityfocus.com/bid/5681

exchange.xforce.ibmcloud.com/vulnerabilities/10080

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.266

Percentile

96.8%

JSON

Related for NVD:CVE-2002-1783

cvelist1 cve1 nessus1