- Home
- CVEs with oval.description==The+URL+parser+in+Microsoft+Internet+Information+Services+%28IIS%29+5.1+on+Windows+XP+Professional+SP2+allows+remote+attackers+to+execute+arbitrary+code+via+multiple+requests+to+%22.dll%22+followed+by+arguments+such+as+%22%7E0%22+through+%22%7E9%22%2C+which+causes+ntdll.dll+to+produce+a+return+value+that+is+not+correctly+handled+by+IIS%2C+as+demonstrated+using+%22%2F_vti_bin%2F.dll%2F%2A%2F%7E0%22.++NOTE%3A+the+consequence+was+originally+believed+to+be+only+a+denial+of+service+%28application+crash+and+reboot%29.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top