CVE-2002-0869
7.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.062 Low
EPSS
Percentile
93.5%
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka “Out of Process Privilege Elevation.”
References
archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html
marc.info/?l=bugtraq&m=103642839205574&w=2
www.ciac.org/ciac/bulletins/n-011.shtml
www.iss.net/security_center/static/10502.php
www.li0n.pe.kr/eng/advisory/ms/iis_impersonation.txt
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A929
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A930
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A983
Related
7.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.062 Low
EPSS
Percentile
93.5%