CVE-2002-0653

High

Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and…

mitre·CWE-193·Published 2002-07-11

CVSS

7.8

EPSS

0.01

KEV

Exploits

cve.orgen

257 chars

Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.

NVDen

257 chars

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H