Description

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."

Remediation

References

CVE-2002-0364

Related Vulnerabilities

PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2002-0985)

PostgreSQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2020-25694)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2364)

phpBB CVE-2010-1630 Vulnerability (CVE-2010-1630)

Oracle Database Server Other Vulnerability (CVE-2007-3859)

Severity

High

Classification

CVE-2002-0364

Tags

Missing Update Known Vulnerabilities