Microsoft IIS HTTP Header Field Delimiter Buffer Overflow Vulnerability

A buffer overflow related to the processing of request header fields has been reported for Microsoft IIS (Internet Information Services).

This problem is related to the interpretation of HTTP header field delimiters. This vulnerability affects IIS 4.0, IIS 5.0 and IIS 5.1.

Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host.

A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves.


Privacy Statement
Copyright 2010, SecurityFocus