CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0237

HIGH
7.5
CVSS Severity Score
EPSS Score0.1300%
EPSS Percentile33.74th
PublishedMay 29, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.

Affected Platforms (CPE)

πŸ“¦
Iss

Blackice Agent

= 3.0
πŸ“¦
Iss

Blackice Agent

= 3.1
πŸ“¦
Iss

Blackice Defender

= 2.9
πŸ“¦
Iss

Blackice Defender

= 2.9cap
πŸ“¦
Iss

Blackice Defender

= 2.9caq
πŸ“¦
Iss

Realsecure Server Sensor

= 6.0.1
πŸ“¦
Iss

Realsecure Server Sensor

= 6.5

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=101286393404301&w=2
πŸ”— http://marc.info/?l=bugtraq&m=101302424803268&w=2
πŸ”— http://marc.info/?l=bugtraq&m=101321744807452&w=2
πŸ”— http://marc.info/?l=ntbugtraq&m=101353165915171&w=2
πŸ”— http://www.iss.net/security_center/alerts/advise109.php
πŸ”— http://www.iss.net/security_center/static/8058.php
πŸ”— http://www.securityfocus.com/bid/4025
πŸ”— http://marc.info/?l=bugtraq&m=101286393404301&w=2

Related Vulnerabilities

CVE-2002-09567.5

BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to by...

CVE-2005-27117.2

ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecu...

CVE-2002-09575.0

The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote at...

CVE-2002-074710.0

Buffer overflow in lsmcode in AIX 4.3.3.