CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1215

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1690%
EPSS Percentile5.74th
PublishedOct 28, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).

Affected Platforms (CPE)

πŸ“¦
Linux Ha

Heartbeat

<= 0.4.9

References & Advisories

πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540
πŸ”— http://linux-ha.org/security/sec01.txt
πŸ”— http://www.debian.org/security/2002/dsa-174
πŸ”— http://www.iss.net/security_center/static/10357.php
πŸ”— http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html
πŸ”— http://www.securityfocus.com/bid/5955
πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540
πŸ”— http://linux-ha.org/security/sec01.txt

Related Vulnerabilities

CVE-2004-097810.0

Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who vis...

CVE-2018-200339.8

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier cou...

CVE-2016-34388.2

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows...

CVE-2006-22727.8

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (...