Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2224

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2002-2224
Last Modified 05 Sep 2008 04:32:39
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2002-2224

Summary

Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload.

Vulnerable Systems

Application

  • Network Associates Pgp Freeware 7.03


References

CERT-VN - VU#287771

XF - ike-response-bo(9850)

BID - 5449

MISC - http://www.kb.cert.org/vuls/id/AAMN-5A5RXM


Last Updated: 27 May 2016 10:37:40