PT-2003-1443 · Microsoft · Internet Information Services

Ren Guang Yuan

Publicado

2003-05-30

Atualizado

2018-10-30

CVE-2003-0224

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Information Services (IIS) version 5.0

Description: A buffer overflow issue in the ssinc.dll component allows local users to execute arbitrary code via a web page containing a Server Side Include (SSI) directive with a long filename.

Recommendations: For Microsoft Internet Information Services (IIS) version 5.0, consider disabling the use of Server Side Include (SSI) directives until a patch is available to prevent exploitation of this issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2003-0224

Produtos afetados

Internet Information Services

PT-2003-1443 · Microsoft · Internet Information Services

CVE-2003-0224

Identificadores relacionados

Produtos afetados

Referências · 5