CVE-2004-0205 - Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arb

CVE-2004-0205

Summary

Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.

References

Vulnerable Configurations

cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*
cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*
cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

oval via4

accepted

2008-03-24T04:00:23.139-04:00

class

vulnerability

contributors

definition_extensions

comment	Microsoft Windows NT is installed
oval	oval:org.mitre.oval:def:36

description

Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.

family

windows

oval:org.mitre.oval:def:2204

status

accepted

submitted

2004-07-13T12:00:00.000-04:00

title

IIS4.0 Redirect Function Buffer Overflow

version

refmap via4

Last major update

12-10-2018 - 21:34

Published

06-08-2004 - 04:00

Last modified

12-10-2018 - 21:34