CVE-2002-0071

Published: Apr 2, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

oval:org.mitre.oval:def:45

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:130

vdb-entry

signature

x_refsource_OVAL

3325

vdb-entry

x_refsource_OSVDB

A041002-1

vendor-advisory

x_refsource_ATSTAKE

20020411 KPMG-2002010: Microsoft IIS .htr ISAPI buffer overrun

mailing-list

x_refsource_BUGTRAQ

4474

vdb-entry

x_refsource_BID

VU#363715

third-party-advisory

x_refsource_CERT-VN

MS02-018

vendor-advisory

x_refsource_MS

iis-htr-isapi-bo(8799)

vdb-entry

x_refsource_XF

CA-2002-09

third-party-advisory

x_refsource_CERT

20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018

vendor-advisory

x_refsource_CISCO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-0071

Description

Affected Products

References