Reported September 25, 2002, by Microsoft.
VERSIONS AFFECTED
· Microsoft SharePoint Team Services 2002
· Microsoft Windows XP (shipped with FrontPage Server Extensions 2000)
· Microsoft Windows 2000 (shipped with FrontPage Server Extensions 2000)
· Microsoft FrontPage Server Extensions 2002
· Microsoft FrontPage Server Extensions 2000
DESCRIPTION
A buffer overrun vulnerability exists in the SmartHTML Interpreter (shtml.dll), which ships as part of the Microsoft FrontPage Server Extensions (FPSE) package. The flaw is exposed when FPSE processes a request for a particular type of Web file and that request has certain characteristics. The vulnerability affects FPSE 2002 and FPSE 2000 differently. With FPSE 2002 and SharePoint Team Services 2002, such a request could cause a buffer overrun, letting an attacker run code of his or her choice. With FPSE 2000, such a request would cause the interpreter to consume most or all available CPU until you restart the Web service. An attacker could use this vulnerability to conduct a denial of service (DoS) attack against a vulnerable Web server.
VENDOR RESPONSE
The vendor, Microsoft, has released Security Bulletin MS02-053 (Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution) to address these vulnerabilities, and recommends that affected users apply the appropriate patch mentioned in the bulletin.
CREDIT
Discovered by Maninder Bharadwaj.