Vulnerabilities > CVE-2000-1147 - Buffer Overflow vulnerability in Microsoft Internet Information Server 4.0

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
microsoft
exploit available

Summary

Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag.

Vulnerable Configurations

Part Description Count
Application
Microsoft
1

Exploit-Db

descriptionMicrosoft IIS 4.0 ISAPI Buffer Overflow Vulnerability. CVE-2000-1147. Local exploit for windows platform
idEDB-ID:20383
last seen2016-02-02
modified2000-11-06
published2000-11-06
reporterMarc Maiffret
sourcehttps://www.exploit-db.com/download/20383/
titleMicrosoft IIS 4.0 ISAPI Buffer Overflow Vulnerability