CVE-2002-0072 Information
Share on:
Feb 14, 2021
cve
Description
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0 5.0 and 5.1 does not properly handle the error condition when a long URL is provided which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer.
Reference
http://marc.info/?l=bugtraq&m=101853851025208&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8800.php http://www.kb.cert.org/vuls/id/521059 http://www.osvdb.org/3326 http://www.securityfocus.com/bid/4479 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018