Remote Code Execution Vulnerability in Microsoft Internet Information Services 5.1
CVE-2005-4360

Currently unrated

Key Information:

Vendor
Microsoft
Status
Internet Information Services
Vendor
CVE Published:
20 December 2005

Summary

The URL parsing mechanism in Microsoft Internet Information Services (IIS) version 5.1 for Windows XP Professional SP2 can be exploited by remote attackers. By sending specially crafted requests to the server that target .dll files, these attackers can execute arbitrary code. This exploitation occurs when the arguments passed after the .dll request, such as '~0' to '~9', trigger a mishandling of return values in ntdll.dll. The potential impact of this vulnerability extends beyond mere denial of service, allowing attackers to gain unauthorized access and execute harmful code on the server.

References

http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg0...
vendor-advisoryx_refsource_HP
http://www.securityfocus.com/archive/1/419707/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

76% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.