CVE-2002-0149

4 documents4 sources
Severity
7.5HIGH
EPSS
52.4%
top 2.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Internet Information ServerMicrosoft Internet Information Services
Timeline
PublishedApr 22
Latest updateApr 30

Description

Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-gvfr-3mp4-9pjj: Buffer overflow in ASP Server-Side Include Function in IIS 42022-04-30
CVEList
CVE-2002-0149: Buffer overflow in ASP Server-Side Include Function in IIS 42003-04-02

📋Vendor Advisories

1
Cisco
Microsoft IIS Vulnerabilities in Cisco Products - MS02-0182002-04-15
CVE-2002-0149 (HIGH CVSS 7.5) | Buffer overflow in ASP Server-Side | cvebase.io