CVE-2002-0002
Description
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
Risk Information
Base Score
7.4
MODERATE
Vector
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
15.621
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in stunnel 3.3 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.4a | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.7 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.8 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.10 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.11 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.12 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.13 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.14 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.15 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.16 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.17 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.18 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.19 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.20 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.21 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.21a | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.21b | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.21c | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.22 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.24 | Windows |
| Multiple Vulnerabilities are affected in stunnel 3.9 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
| PATCH-348313 | stunnel (5.75) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234