CVE-2002-1721

Name of the Vulnerable Software and Affected Versions alterMIME versions 0.1.10 through 0.1.11

Description The issue is caused by an off-by-one error that allows remote attackers to cause a denial of service, resulting in a crash. This is achieved via an x-header that causes snprintf to overwrite the FFGET FILE variable with a (null) byte.

Recommendations For alterMIME versions 0.1.10 and 0.1.11, consider restricting access to the snprintf function until a patch is available to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.