Description
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
Remediation
References
Related Vulnerabilities
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41799)
PHP Numeric Errors Vulnerability (CVE-2007-2872)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000169)
MySQL CVE-2012-1689 Vulnerability (CVE-2012-1689)
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Arbitrary File Upload (2.0)