CVE-2002-0147

4 documents4 sources
Severity
7.5HIGH
EPSS
40.1%
top 2.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Internet Information ServerMicrosoft Internet Information Services
Timeline
PublishedApr 22
Latest updateApr 30

Description

Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-hfh2-rr3h-89pj: Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 42022-04-30
CVEList
CVE-2002-0147: Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 42003-04-02

📋Vendor Advisories

1
Cisco
Microsoft IIS Vulnerabilities in Cisco Products - MS02-0182002-04-15
CVE-2002-0147 (HIGH CVSS 7.5) | Buffer overflow in the ASP data tra | cvebase.io