CVE-2002-0869 Information

Description

Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges aka \Out of Process Privilege Elevation.\

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html http://marc.info/?l=bugtraq&m=103642839205574&w=2 http://www.ciac.org/ciac/bulletins/n-011.shtml http://www.iss.net/security_center/static/10502.php http://www.li0n.pe.kr/eng/advisory/ms/iis_impersonation.txt https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A929 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A930 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A983