CVE-2000-0226 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Information Server

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

12.7%

top 5.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Information Server

Timeline

PublishedMar 20

Latest updateApr 30

Description

IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_information_server4.0

🔴Vulnerability Details

GHSA

GHSA-4w69-7m7w-3rmh: IIS 4↗2022-04-30

▶

CVEList

CVE-2000-0226: IIS 4↗2000-06-02

▶