Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0026

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2006-0026
Last Modified 07 Mar 2011 09:29:11
Published 11 Jul 2006 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-0026

Summary

Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).

Vulnerable Systems

Application

  • Microsoft Internet Information Server 5.0

  • Microsoft Internet Information Server 5.1

  • Microsoft Internet Information Server 6.0


References

CERT-VN - VU#395588

CERT - TA06-192A

XF - iis-asp-bo(26796)

BID - 18858

MS - MS06-034

SECTRACK - 1016466

SECUNIA - 21006

VUPEN - ADV-2006-2752

OSVDB - 27152

BUGTRAQ - 20060718 ASP.DLL Include File Buffer Overflow


Last Updated: 27 May 2016 10:41:30