Oval Definition:oval:org.mitre.oval:def:915
Revision Date:2011-05-16Version:20
Title:IIS4.0 Buffer Overflow
Description:Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-1999-0874
Platform(s):Microsoft Windows NT
Product(s):Microsoft Internet Information Server (IIS)
Definition Synopsis
  • IIS 4.0 Major Version
  • AND IIS minor version equals 0
  • AND File %windir%\System32\w3svc.dll is less than 4.0.1381.164
  • AND NOT Win2K/XP/2003 service pack 6 (or later) is installed
  • BACK