7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.936 High
EPSS
Percentile
99.1%
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka “Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise.”
archives.neohapsis.com/archives/vulnwatch/2002-q2/0099.html
marc.info/?l=bugtraq&m=102392069305962&w=2
marc.info/?l=ntbugtraq&m=102392308608100&w=2
online.securityfocus.com/archive/1/276767
www.iss.net/security_center/static/9327.php
www.kb.cert.org/vuls/id/313819
www.securityfocus.com/bid/4855
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-028
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A182
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A29