Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1780

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1780
Last Modified 05 Sep 2008 04:31:29
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1780

Summary

BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves.

Vulnerable Systems

Application

  • Alcatech Gmbh Bpm Studio Pro 4.2


References

XF - bpm-http-device-dos(8299)


Last Updated: 27 May 2016 10:37:29