Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Apr 16, 2026

CVE-2002-1905

Description

Buffer overflow in Polycom ViaVideo web server allows remote attackers to crash via long HTTP GET request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Buffer overflow in Polycom ViaVideo web server allows remote attackers to crash via long HTTP GET request.

Vulnerability

A buffer overflow vulnerability exists in the web server component of Polycom ViaVideo versions 2.2 and 3.0. Remote attackers can trigger the overflow by sending an overly long HTTP GET request, causing a denial of service (crash) [1].

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP GET request with an excessively long URI to the web server. No authentication or prior access is required, as the web server is typically exposed to the network [1].

Impact

Successful exploitation causes the web server to crash, resulting in a denial of service. The impact is limited to availability; no code execution or data compromise is reported [1].

Mitigation

Polycom has fixed this vulnerability in a later version. Users should upgrade to a version beyond 3.0. No workarounds are documented [1].

References

HP Poly Video & Voice Solutions - Formerly Polycom & Plantronics

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Polycom/Viavideo3 versions
cpe:2.3:h:polycom:viavideo:2.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:polycom:viavideo:2.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viavideo:3.0:*:*:*:*:*:*:*
- (no CPE)range: <=3.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000