CVE-2002-0605 : Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary

Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary code via a long movie parameter.

Published 2002-06-18 04:00:00

Updated 2016-10-18 02:20:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2002-0605

Probability of exploitation activity in the next 30 days: 10.81%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2002-0605

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2002-0605

http://www.securityfocus.com/bid/4664
http://www.macromedia.com/support/flash/ts/documents/buf_ovflow_623.htm

Patch;Vendor Advisory
http://marc.info/?l=bugtraq&m=102039374017185&w=2
http://marc.info/?l=vuln-dev&m=102038919414726&w=2
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0051.html
http://www.iss.net/security_center/static/8993.php

Patch;Vendor Advisory

Products affected by CVE-2002-0605

Macromedia » Flash Player » Version: 6.0
cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2002-0605

Exploit prediction scoring system (EPSS) score for CVE-2002-0605

CVSS scores for CVE-2002-0605

References for CVE-2002-0605

Products affected by CVE-2002-0605