Buffer Overflow in Microsoft Internet Information Server (IIS) 4.0
CVE-2004-0205

Currently unrated

Key Information:

Vendor

Avaya
Status
Definity One Media Server
S8100
Ip600 Media Servers
Internet Information Server
Vendor
CVE Published:
6 August 2004

What is CVE-2004-0205?

The Microsoft Internet Information Server (IIS) 4.0 is susceptible to a buffer overflow vulnerability, which allows local users to execute arbitrary code. This security flaw arises from improper handling of the redirect function, potentially enabling an attacker to manipulate server processes through crafted inputs. Organizations using IIS 4.0 should implement security measures to mitigate the risk associated with this vulnerability by applying updates and following best practices.

References

http://www.us-cert.gov/cas/techalerts/TA04-196A.html
third-party-advisoryx_refsource_CERT
http://www.securityfocus.com/bid/10706
vdb-entryx_refsource_BID
http://www.osvdb.org/7799
vdb-entryx_refsource_OSVDB

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.