CVE-2003-0349

critical

Description

Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A938

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-022

http://www.kb.cert.org/vuls/id/113716

http://securitytracker.com/id?1007059

http://secunia.com/advisories/9115

http://marc.info/?l=bugtraq&m=105665030925504&w=2

Details

Source: Mitre, NVD

Published: 2003-07-24

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical