7.5

CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 31.01% 0.98
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0099.html
http://marc.info/?l=bugtraq&m=102392069305962&w=2
http://marc.info/?l=ntbugtraq&m=102392308608100&w=2
http://online.securityfocus.com/archive/1/276767
http://www.iss.net/security_center/static/9327.php
http://www.kb.cert.org/vuls/id/313819
US Government Resource
http://www.securityfocus.com/bid/4855
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-028
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A29