Summary
Cumulative Patch for Microsoft IIS (Q327696)
Impact of vulnerability: Ten new vulnerabilities, the most serious of which could enable code of an attacker's choice to be run on a server.
Recommendation: Users using any of the affected
products should install the patch immediately.
Maximum Severity Rating: Critical
Affected Software:
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 5.1
See
http://www.microsoft.com/technet/security/bulletin/ms02-062.mspx
Supersedes
http://www.microsoft.com/technet/security/bulletin/ms02-018.mspx
Severity
Classification
-
CVE CVE-2002-0147, CVE-2002-0149, CVE-2002-0150, CVE-2002-0224, CVE-2002-0869, CVE-2002-1180, CVE-2002-1181, CVE-2002-1182 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)
- Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
- Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553)
- Microsoft .NET Framework Privilege Elevation Vulnerability (2800277)
- Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)