Oval Definition:	oval:org.mitre.oval:def:743
Revision Date: 2011-05-16 Version: 6 Title: MS FrontPage Server Extensions Chunked Encoded Request Buffer Overflow (Test 5) Description: Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0822 Platform(s): Microsoft Windows 2000 Product(s): Microsoft FrontPage Server Extensions 2000 Definition Synopsis Software section Windows 2000 (sp3 or earlier) is installed Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 4 (or later) is installed AND a vulnerable version of fp30reg.dll or fp4areg.dll exists the version of fp4areg.dll is less than 4.0.02.7523 OR the version of fp30reg.dll is less than 4.00.02.7523 AND NOT the patch q810217 is installed (Hotfix key) AND Configuration section FrontPage Server Extensions 2000 are enabled (2K, XP)
BACK