Microsoft Internet Information Server 5.1 DLL Request Remote Code Execution Vulnerability

Bugtraq ID: 15921
Class: Boundary Condition Error
CVE: CVE-2005-4360
Remote: Yes
Local: No
Published: Dec 17 2005 12:00AM
Updated: Jul 13 2007 03:27PM
Credit: Discovered by Inge Henriksen <nge.henriksen@booleansoft.com>. Jonathan Afek and Adi Sharabani of Watchfire supplied more information and assisted Microsoft with this issue.
Vulnerable: Microsoft IIS 5.1
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
+ Microsoft Windows XP 64-bit Edition SP1
+ Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP 64-bit Edition
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home
- Microsoft Windows XP Home
+ Microsoft Windows XP Professional SP1
+ Microsoft Windows XP Professional SP1
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus