Oval Definition:	oval:org.mitre.oval:def:182
Revision Date: 2007-05-23 Version: 15 Title: Windows NT IIS Heap Overrun in HTR Chunked Encoding Description: Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2002-0364 Platform(s): Microsoft Windows NT Product(s): Microsoft Internet Information Server (IIS) Definition Synopsis Software section IIS 4.0 Major Version AND IIS minor version equals 0 AND File %windir%\system32\inetsrv\ism.dll version is less than 4.2.776.1 AND NOT Patch Q321599 Installed AND NOT Patch Q327696 Installed AND NOT Patch Q811114 Installed AND Configuration section ism.dll mapping exists
BACK