PT-2003-1553 · Microsoft · Windows Media Services

Brett Moore

Published

2003-06-28

Updated

2018-10-12

CVE-2003-0349

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Services versions prior to the fixed version

Description: A buffer overflow issue exists in the streaming media component of Microsoft Windows Media Services, specifically in the ISAPI logging capability. This allows remote attackers to execute arbitrary code by sending a large POST request to the nsiislog.dll component.

Recommendations: For Microsoft Windows Media Services, apply the fix provided by Microsoft to address the buffer overflow issue in the nsiislog.dll component. As a temporary workaround, consider restricting access to the nsiislog.dll component to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0349

Affected Products

Windows Media Services

PT-2003-1553 · Microsoft · Windows Media Services

CVE-2003-0349

Related Identifiers

Affected Products

References · 12