Description

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."

Remediation

References

CVE-2002-0364

Related Vulnerabilities

WordPress Plugin easyReservations Cross-Site Scripting (5.0.11)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)

Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-2417)

phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2023-4006)

Severity

High

Classification

CVE-2002-0364

Tags

Missing Update Known Vulnerabilities