Race Condition Vulnerability in IIS SSL ISAPI Filter by Microsoft
CVE-1999-0861

Currently unrated

Key Information:

Vendor
Microsoft
Status
Site Server
Commercial Internet System
Internet Information Server
Site Server Commerce
Vendor
CVE Published:
11 August 1999

Summary

A race condition exists in the SSL ISAPI filter of Microsoft's Internet Information Services (IIS) and other affected servers. This flaw could allow an attacker to exploit the timing of request processing, potentially leaking sensitive information in plaintext format. As a consequence, unauthorized users may gain access to confidential data transmitted over secure connections. To mitigate this security risk, it's crucial to apply recommended patches and updates as advised by Microsoft.

References

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN...
vendor-advisoryx_refsource_MSKB
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.