CVE-2002-1850

high

Apache

CVSS v3 Base Score

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

2.9%

Exploitation probability in 30 days

Top 14% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Confidentiality

None

Integrity

None

Availability

High

Published: December 31, 2002 (8535 days ago)

Last Modified: April 16, 2026

Vendor: Apache

Source: NVD

Description

mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.

CWE

CWE-667

Affected Products

apache http server

References

🔗 cvs.apache.org 🔗 issues.apache.org 🔗 issues.apache.org 🔗 marc.info 🔗 seclists.org

CVE-2002-1850

Vulnerability Report

Description

CWE

Affected Products

References