CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0848

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile36.08th
PublishedNov 14, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.

Affected Platforms (CPE)

πŸ“¦
Ibm

Websphere Application Server

= 3.0.2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-09/0192.html
πŸ”— http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security
πŸ”— http://www.securityfocus.com/bid/1691
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5252
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-09/0192.html
πŸ”— http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security
πŸ”— http://www.securityfocus.com/bid/1691
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5252

Related Vulnerabilities

CVE-2006-243010.0

IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plainte...

CVE-2006-243310.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...

CVE-2006-242910.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...

CVE-2006-323210.0

Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "U...