CVE-2002-2385
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-2385
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Hotfoon Dialer远程缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Hotfoon.com是PC到电话,PC到PC电话,即时信息聊天服务的提供商。使用客户端程序hotfoon4.exe来访问服务,其中包括dialer拨号。 hotfoon4.exe对要拨的电话号码字段缺少正确的边界检查,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击。 hotfoon4.exe程序包含电话号码输入字段,但对这个字段的输入没有进行正确的缓冲区边界检查,输入过多号码可以导致发生缓冲区溢出。此溢出可以远程利用,因此拨号程序定义了名为"Voice"的URL协议,并在系统中已注册。如URL "voic
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2002-2385
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2002-2385
请登录查看更多情报信息。
Same Patch Batch · n/a · 2007-10-31 · 44 CVEs total
| CVE-2002-2382 | CVSup-Mirror以不安全方式创建临时文件漏洞 | |
| CVE-2002-2386 | XOOPS Quizz模块跨站脚本(XSS)漏洞 | |
| CVE-2002-2384 | Hotfoon Dialer明文口令存储漏洞 | |
| CVE-2002-2387 | Hyperion FTP目录遍历漏洞 | |
| CVE-2002-2390 | Trillian Identd远程缓冲区溢出漏洞 | |
| CVE-2002-2391 | Xoops WebChat远程SQL插入漏洞 | |
| CVE-2002-2392 | Nullsoft Winamp Skin可预见文件位置漏洞 | |
| CVE-2002-2393 | SolarWinds Serv-U File Server 输入验证错误漏洞 | |
| CVE-2007-5740 | Perdition IMAP代理str_vwrite函数远程格式串处理漏洞 | |
| CVE-2002-2389 | Fastlink Software TheServer纯文本密码存储漏洞 | |
| CVE-2002-2383 | F2HTML.PL SQL注入漏洞 | |
| CVE-2002-2381 | GTetrinet多个远程缓冲区溢出漏洞 | |
| CVE-2002-2380 | Arescom NetDSL-800固件存在未公开帐户漏洞 | |
| CVE-2002-2379 | Cisco AS5350通用网关远程拒绝服务攻击漏洞 | |
| CVE-2002-2378 | AN HTTPD出错页跨站脚本漏洞 | |
| CVE-2002-2377 | Zap Book服务器端包含任意命令行执行漏洞 | |
| CVE-2002-2376 | E-Guest Guest Book脚本注入漏洞 | |
| CVE-2002-2375 | CommuniGate Pro目录遍历漏洞 | |
| CVE-2002-2374 | Sun PatchPro不安全临时文件漏洞 | |
| CVE-2002-2373 | Apple 12/640 PS LaserWriter TCP/IP配置工具Telnet服务默认无口令漏洞 |
Showing top 20 of 44 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2002-2385
No comments yet