ID CVE-2004-0205
Summary Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
References
Vulnerable Configurations
  • cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*
  • cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
  • cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*
  • cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*
    cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 12-10-2018 - 21:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2008-03-24T04:00:23.139-04:00
class vulnerability
contributors
  • name David Proulx
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Glenn Strickland
    organization Secure Elements, Inc.
  • name Jonathan Baker
    organization The MITRE Corporation
definition_extensions
comment Microsoft Windows NT is installed
oval oval:org.mitre.oval:def:36
description Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
family windows
id oval:org.mitre.oval:def:2204
status accepted
submitted 2004-07-13T12:00:00.000-04:00
title IIS4.0 Redirect Function Buffer Overflow
version 43
refmap via4
bid 10706
cert TA04-196A
cert-vn VU#717748
ciac O-179
osvdb 7799
secunia 12061
xf iis-redirect-bo(16578)
Last major update 12-10-2018 - 21:34
Published 06-08-2004 - 04:00
Last modified 12-10-2018 - 21:34
Back to Top