CVSS: 7.5EPSS: 5%CPEs: 5EXPL: 0CVE-2002-0698
https://notcve.org/view.php?id=CVE-2002-0698
Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response. Desbordamiento de búfer en Internet Mail Connector (IMC) para Microsoft Exchange Server 5.5 permite que atacantes remotos ejecuten código arbitrario por medio de una petición EHLO desde un sistema con un nombre largo obtenido por búsqueda DNS inversa, lo cual provoca el desbordamiento de búfer en la respuesta de IMC. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20759 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ326322 http://www.iss.net/security_center/static/9658.php http://www.securityfocus.com/bid/5306 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-037 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2002-0368
https://notcve.org/view.php?id=CVE-2002-0368
The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka "Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources." • http://www.iss.net/security_center/static/9195.php http://www.securityfocus.com/bid/4881 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-025 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 2.1EPSS: 6%CPEs: 9EXPL: 0CVE-2002-0507
https://notcve.org/view.php?id=CVE-2002-0507
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA. Una interacción entre Microsoft Outlook Web Access (OWA) con RSA SecurID permite a usuarios locales evitar la autenticación SecurID para un usuario anterior mediante varios envios de una petición de autenticación OWA con la contraseña adecuada del usuario anterior, que es acaba siendo aceptada por OWA. • http://online.securityfocus.com/archive/1/264705 http://www.iss.net/security_center/static/8681.php http://www.securityfocus.com/bid/4390 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 5%CPEs: 5EXPL: 0CVE-2002-0155
https://notcve.org/view.php?id=CVE-2002-0155
Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX. Desbordamiento de búfer en el control ActiveX Microsoft MSN Chat, usado en MSN Messenger 4.5 y 4.6, y Exchange Instant Messenger 4.5 y 4.6, permite a atacantes remotos ejecutar código arbitrario mediante un parámetro ResDLL largo en el OCX MSNChat. • http://marc.info/?l=bugtraq&m=102089960531919&w=2 http://www.cert.org/advisories/CA-2002-13.html http://www.iss.net/security_center/static/9041.php http://www.securityfocus.com/bid/4707 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022 •
CVSS: 5.0EPSS: 96%CPEs: 7EXPL: 0CVE-2002-0055
https://notcve.org/view.php?id=CVE-2002-0055
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request. El servicio SMTP en Windows 2000/XP Professional y Exchange 2000 permite a atacantes remotos provocar denegación de servico mediante un comando con una petición transferencia de datos malformada. • http://marc.info/?l=bugtraq&m=101558498401274&w=2 http://www.iss.net/security_center/static/8307.php http://www.securityfocus.com/bid/4204 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A30 • CWE-669: Incorrect Resource Transfer Between Spheres •