virus logo Intrusion Prevention

MS.IIS.HTR.IDC.STM.File.Extension.Buffer.Overflow

description-logoDescription

This indicates a buffer overflow vulnerability in the processing of files with extensions .HTR, .STM and .IDC in Microsoft Internet Information Server (IIS).


Due to a buffer checking error, an attacker can send a malformed request to crash an IIS. An attacker can also send a specially-crafted message to a target system and execute arbitrary code on it.

affected-products-logoAffected Products

Microsoft Internet Information Server version 4.0

Impact logoImpact

Attackers can execute arbitrary code on infected machine and cause Denial-of-Service

recomended-action-logoRecommended Actions

Apply patch at http://www.microsoft.com/technet/security/bulletin/ms99-019.mspx or upgrade the system to the latest non-vulnerable version

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

1
ID 12616
Created Sep 11, 2006
Updated Sep 12, 2017
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App IIS