Detections
Analytics

CVE-2002-1215

critical

Description

Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).

References

http://www.securityfocus.com/bid/5955

http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html

http://www.iss.net/security_center/static/10357.php

http://www.debian.org/security/2002/dsa-174

http://linux-ha.org/security/sec01.txt

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540

Details

Source: Mitre, NVD

Published: 2002-10-28

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.12913