Buffer Overflow in Microsoft FrontPage Server Extensions 2000 and 2002
CVE-2002-0692

Currently unrated

Key Information:

Vendor: Microsoft
Status: Frontpage Server Extensions
Vendor: CVE Published:; 10 October 2002

What is CVE-2002-0692?

The SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions versions 2000 and 2002 has a buffer overflow vulnerability. This flaw allows remote attackers to send crafted web file requests that can lead to significant CPU consumption, causing denial of service. Additionally, this vulnerability can be exploited to execute arbitrary code, potentially compromising the affected system.

References

http://www.securityfocus.com/bid/5804

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/723537

third-party-advisoryx_refsource_CERT-VN

http://www.iss.net/security_center/static/10194.php

vdb-entryx_refsource_XF

EPSS Score

38% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2002
Vulnerability Reserved
Jul 12, 2002