Microsoft Internet Information Services DOS Device Request Security Bypass Vulnerability

Microsoft Internet Information Services DOS Device Request Security Bypass Vulnerability

Microsoft Internet Information Services is prone to a security-bypass vulnerability.

Remote attackers can exploit this issue to hang the application, denying service to legitimate users, or disclose sensitive information. Attackers with physical access to the system may be able to execute arbitrary code with the privileges of the application.

Microsoft Internet Information Services 6.0 is vulnerable; other versions may also be affected.