CVE-2002-0150 - Unspecified vulnerability in Microsoft products
Metric | Value |
---|---|
Attack vector | UNKNOWN |
Attack complexity | UNKNOWN |
Privileges required | UNKNOWN |
Confidentiality impact | UNKNOWN |
Integrity impact | UNKNOWN |
Availability impact | UNKNOWN |

microsoft
nessus
Summary
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Nessus
- NASL family: Windows : Microsoft Bulletins
- NASL id: SMB_NT_MS02-018.NASL
- description: The remote version of Windows contains multiple flaws in the Internet Information Service (IIS), such as heap overflow, DoS, and XSS that could allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 10943
- published: 2002-04-23
- reporter: This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/10943
- title: MS02-018: Cumulative Patch for Internet Information Services (327696)

- NASL family: CGI abuses
- NASL id: IIS_XSS_404.NASL
- description: This IIS Server appears to be vulnerable to one of the cross-site scripting attacks described in MS02-018. The default
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 10936
- published: 2002-04-11
- reporter: This script is Copyright (C) 2002-2018 Matt Moore
- source: https://www.tenable.com/plugins/nessus/10936
- title: Microsoft IIS Multiple Vulnerabilities (MS02-018)
Oval
- accepted: 2007-05-23T15:05:27.660-04:00
- class: vulnerability
- contributors:
  - name: Tiffany Bergeron, organization: The MITRE Corporation
  - name: Glenn Strickland, organization: Secure Elements, Inc.
  - name: Josh Turpin, organization: Symantec Corporation
- description: Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
- family: windows
- id: oval:org.mitre.oval:def:137
- status: deprecated
- submitted: 2004-01-14T12:00:00.000-04:00
- title: DEPRECATED: Windows NT IIS HTTP Header Field Buffer Overflow
- version: 29

- accepted: 2010-12-20T04:00:56.252-05:00
- class: vulnerability
- contributors:
  - name: Tiffany Bergeron, organization: The MITRE Corporation
  - name: Glenn Strickland, organization: Secure Elements, Inc.
  - name: Shane Shaffer, organization: G2, Inc.
  - name: Josh Turpin, organization: Symantec Corporation
  - name: Sudhir Gandhe, organization: Telos
  - name: Shane Shaffer, organization: G2, Inc.
- description: Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
- family: windows
- id: oval:org.mitre.oval:def:39
- status: deprecated
- submitted: 2004-01-14T12:00:00.000-04:00
- title: DEPRECATED: Windows 2000 IIS HTTP Header Field Buffer Overflow
- version: 33
References
- http://www.cert.org/advisories/CA-2002-09.html
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
- http://www.iss.net/security_center/static/8797.php
- http://www.kb.cert.org/vuls/id/454091
- http://www.osvdb.org/3316
- http://www.securityfocus.com/bid/4476
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A137
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A39