Lucene search
K

7 matches found

Circl
Circl
added 2010/07/07 12:0 a.m.14 views

CVE-2004-1134

creationtimestamp| type| source ---|---|--- 2010-07-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16354 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/isapi/w3whoquery.rb 2025-02-06 03:13:38+00:00| seen|...

10CVSS5.7AI score0.72326EPSS
Exploits5References2
Check Point Advisories
Check Point Advisories
added 2010/02/18 12:0 a.m.39 views

Microsoft ISAPI W3Who Library Buffer Overflow (CVE-2004-1134)

The W3Who dynamically linked library DLL, when used in the context of an IIS HTTP server, provides various information about the current HTTP client, as well as the current running environment. It is included with the Internet Services Application Programming Interface ISAPI and is meant to be us...

10CVSS7.3AI score0.72326EPSS
Exploits5
Packet Storm
Packet Storm
added 2009/11/26 12:0 a.m.40 views

Microsoft IIS ISAPI w3who.dll Query String Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft II...

10CVSS6.5AI score0.72326EPSS
Exploits5
Metasploit
Metasploit
added 2006/09/13 6:28 a.m.35 views

Microsoft IIS ISAPI w3who.dll Query String Overflow

This module exploits a stack buffer overflow in the w3who.dll ISAPI application. This vulnerability was discovered Nicolas Gregoire and this code has been successfully tested against Windows 2000 and Windows XP SP2. When exploiting Windows XP, the payload must call RevertToSelf before it will be...

10CVSS7.5AI score0.72326EPSS
Exploits5
Packet Storm
Packet Storm
added 2005/01/12 12:0 a.m.47 views

iis_w3who_overflow.pm

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

10CVSS6.5AI score0.72326EPSS
Exploits5
canvas
canvas
added 2005/01/10 5:0 a.m.40 views

Immunity Canvas: W3WHO

Name| w3who ---|--- CVE| CVE-2004-1134 Exploit Pack| CANVAS Description| w3who.dll stack overflow Notes| CVSS: 10.0 Date public: 05/01/2001 VENDOR: Microsoft CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1134 CVE Name: CVE-2004-1134...

10CVSS0.7AI score0.72326EPSS
Exploits5
CVE
CVE
added 2004/12/08 5:0 a.m.63 views

CVE-2004-1134

CVE-2004-1134 covers a stack/ buffer overflow in the Microsoft IIS ISAPI w3who.dll (W3Who) triggered by long query strings. The root cause is lack of input sanitization for CGI variables, enabling remote attackers to cause denial of service and potentially execute arbitrary code with IIS privileg...

10CVSS7.7AI score0.72326EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder