Microsoft IIS Chunked Encoding Heap Overflow Variant Vulnerability

Microsoft IIS Chunked Encoding Heap Overflow Variant Vulnerability

A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS (Internet Information Services).

Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host.

This issue is a variation of BugTraq ID 4485 "Microsoft IIS Chunked Encoding Transfer Heap Overflow Vulnerability".

A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves.