Reported July 13, 2004, by Microsoft
VERSIONS AFFECTED
|
DESCRIPTION
A vulnerability exists in Microsoft Internet Information Server (IIS) 4.0 that
could result in arbitrary remote code execution and remote compromise of the
vulnerable system. This vulnerability is a result of a buffer overflow
condition in the redirect function.
VENDOR RESPONSE
Microsoft has released
bulletin MS04-021, "Security Update for IIS 4.0 (841373),"
to address this vulnerability and recommends that affected users apply the
appropriate patch listed in the bulletin.
CREDIT
Discovered by Microsoft.
0 comments
Hide comments