| ID |
CVE-2003-0349
|
| Summary |
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 7.5 (as of 12-10-2018 - 21:32) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| oval
via4
|
| accepted | 2004-06-30T12:00:00.000-04:00 | | class | vulnerability | | contributors | | name | Christine Walzer | | organization | The MITRE Corporation |
| | description | Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll. | | family | windows | | id | oval:org.mitre.oval:def:938 | | status | accepted | | submitted | 2004-05-18T12:00:00.000-04:00 | | title | IIS5.0 Windows Media Services Large POST Vulnerability | | version | 64 |
|
| refmap
via4
|
| bugtraq | 20030626 Windows Media Services Remote Command Execution #2 | | cert-vn | VU#113716 | | ntbugtraq | 20030626 Windows Media Services Remote Command Execution #2 | | sectrack | 1007059 | | secunia | 9115 |
|
| Last major update |
12-10-2018 - 21:32 |
| Published |
24-07-2003 - 04:00 |
| Last modified |
12-10-2018 - 21:32 |
