CVE-2003-0595 : Buffer overflow in WiTango Application Server and Tango 2000 allows remote attac

Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference.

Published 2003-08-27 04:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2003-0595

Terascript » Wintango Application Server
Versions before (<) 5.0.1.062
cpe:2.3:a:terascript:wintango_application_server:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2003-0595

EPSS FAQ

10.09%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 92 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2003-0595

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2003-0595

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2003-0595

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0038.html

Broken Link;Exploit;Vendor Advisory

Jump to

Vulnerability Details : CVE-2003-0595

Products affected by CVE-2003-0595

Exploit prediction scoring system (EPSS) score for CVE-2003-0595

CVSS scores for CVE-2003-0595

CWE ids for CVE-2003-0595

References for CVE-2003-0595