VYPR
Unrated severityNVD Advisory· Published Jun 9, 2003· Updated Jun 16, 2026

CVE-2003-0332

CVE-2003-0332

Description

The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:working_resources_inc.:badblue:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:working_resources_inc.:badblue:*:*:*:*:*:*:*:*range: <=2.2
    • (no CPE)range: 1.7 - 2.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.