Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0224

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0224
Last Modified 10 Sep 2008 03:18:18
Published 09 Jun 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0224

Summary

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."

Vulnerable Systems

Application

  • Microsoft Internet Information Server 5.0


References

MS - MS03-018

NTBUGTRAQ - 20030530 NSFOCUS SA2003-05: Microsoft IIS ssinc.dll Over-long Filename Buffer Overflow Vulnerability


Last Updated: 27 May 2016 10:37:50