CVE-2003-0224

3 documents3 sources

Severity

10.0CRITICAL

EPSS

18.9%

top 4.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Information Services

Timeline

PublishedJun 9

Latest updateApr 29

Description

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/internet_information_services5.0

🔴Vulnerability Details

GHSA

GHSA-gqq6-j226-wgg7: Buffer overflow in ssinc↗2022-04-29

▶

CVEList

CVE-2003-0224: Buffer overflow in ssinc↗2003-05-30

▶