MS.IIS.HTR.IDC.STM.File.Extension.Buffer.Overflow
Description
This indicates a buffer overflow vulnerability in the processing of files with extensions .HTR, .STM and .IDC in Microsoft Internet Information Server (IIS).
Due to a buffer checking error, an attacker can send a malformed request to crash an IIS. An attacker can also send a specially-crafted message to a target system and execute arbitrary code on it.
Affected Products
Microsoft Internet Information Server version 4.0
Impact
Attackers can execute arbitrary code on infected machine and cause Denial-of-Service
Recommended Actions
Apply patch at http://www.microsoft.com/technet/security/bulletin/ms99-019.mspx or upgrade the system to the latest non-vulnerable version
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |