OVAL Repository - View Definition: oval:org.mitre.oval:def:483

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:483		Version: 8 Last Modified: 2011-04-26
Title:	IIS Server Side Include Web Pages Buffer Overrun
Description:	Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2003-0224
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
Software section IIS major version equals 5 AND IIS minor version equals 0 AND File %windir%\system32\inetsrv\ssinc.dll version is less than 5.0.2195.6624 AND NOT Patch Q811114 Installed AND NOT SP4 or later Installed AND Configuration section SmartHTML interpreter is enabled

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest