Strix
26.1K

CVE-2002-1940

UnknownEPSS 1.15%

Last modified

CVE-2002-1940 is a vulnerability of currently unknown severity. LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application.. EPSS estimates a 1.15% chance of exploitation in the next 30 days.

Description

LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application.

Metrics

EPSS Probability
1.15%

62.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
Jacob NaviaLcc-Win323.2

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2002-1940?
LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application.
How severe is CVE-2002-1940?
Severity scoring for CVE-2002-1940 is pending analysis. The EPSS model estimates a 1.15% probability of exploitation in the next 30 days.
How do I fix CVE-2002-1940?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-1940?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST