VAR-200204-0007
Vulnerability from variot - Updated: 2025-04-03 22:25

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. Microsoft IIS processes HTR requests incorrectly, so receiving an invalid HTR request causes an overflow in the heap area. Arbitrary code may be executed with the execution privileges of ISM.DLL. This condition affects IIS 4.0 and IIS 5.0 and may be effectively mitigated by disabling the extension. Exploitation of this vulnerability may result in a denial of service or allow a remote attacker to execute arbitrary instructions on the victim host. A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200204-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "internet information server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "internet information services",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 1.1,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 1.1,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "internet information server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#363715"
},
{
"db": "BID",
"id": "4474"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
},
{
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:microsoft:iis",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dave Aitel\u203b dave@immunitysec.com\u203bPeter Gr\u00fcndl\u203b pgrundl@kpmg.dk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0071",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0071",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0071",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#363715",
"trust": 0.8,
"value": "9.00"
},
{
"author": "NVD",
"id": "CVE-2002-0071",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200204-024",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2002-0071",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#363715"
},
{
"db": "VULMON",
"id": "CVE-2002-0071"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
},
{
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. Microsoft IIS In HTR The request is processed incorrectly and is invalid HTR There is a vulnerability that overflows in the heap area by receiving a request.ISM.DLL An arbitrary code may be executed with the execution right. \nThis condition affects IIS 4.0, IIS 5.0 and may be effectively mitigated by disabling the extension. \nExploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host. \nA number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0071"
},
{
"db": "CERT/CC",
"id": "VU#363715"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"db": "BID",
"id": "4474"
},
{
"db": "VULMON",
"id": "CVE-2002-0071"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4474",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#363715",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2002-0071",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "3325",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2002-09",
"trust": 0.6
},
{
"db": "MS",
"id": "MS02-018",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020411 KPMG-2002010: MICROSOFT IIS .HTR ISAPI BUFFER OVERRUN",
"trust": 0.6
},
{
"db": "XF",
"id": "8799",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:45",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:130",
"trust": 0.6
},
{
"db": "ATSTAKE",
"id": "A041002-1",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20020415 MICROSOFT IIS VULNERABILITIES IN CISCO PRODUCTS - MS02-018",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200204-024",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2002-0071",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#363715"
},
{
"db": "VULMON",
"id": "CVE-2002-0071"
},
{
"db": "BID",
"id": "4474"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
},
{
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"id": "VAR-200204-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2025-04-03T22:25:21.585000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS02-018",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS02-018.asp"
},
{
"title": "MS02-018",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/MS02-018.mspx"
},
{
"title": "Cisco: Microsoft IIS Vulnerabilities in Cisco Products - MS02-018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20020415-ms02-018"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2002-0071"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/4474"
},
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/363715"
},
{
"trust": 2.5,
"url": "http://www.atstake.com/research/advisories/2002/a041002-1.txt"
},
{
"trust": 2.5,
"url": "http://www.cert.org/advisories/ca-2002-09.html"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/8799.php"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/3325"
},
{
"trust": 1.4,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-018.asp"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101854087828265\u0026w=2"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a45"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a130"
},
{
"trust": 1.1,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/downloads/release.asp?releaseid=37931 "
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/downloads/release.asp?releaseid=37824 "
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0071"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr021401.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-09"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0071"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101854087828265\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:45"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:130"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-018.asp"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;q317636"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/advisory/default.mspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#363715"
},
{
"db": "VULMON",
"id": "CVE-2002-0071"
},
{
"db": "BID",
"id": "4474"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
},
{
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#363715"
},
{
"db": "VULMON",
"id": "CVE-2002-0071"
},
{
"db": "BID",
"id": "4474"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
},
{
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-04-10T00:00:00",
"db": "CERT/CC",
"id": "VU#363715"
},
{
"date": "2002-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0071"
},
{
"date": "2002-04-10T00:00:00",
"db": "BID",
"id": "4474"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"date": "2002-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200204-024"
},
{
"date": "2002-04-22T04:00:00",
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#363715"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0071"
},
{
"date": "2002-04-10T00:00:00",
"db": "BID",
"id": "4474"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000077"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200204-024"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0071"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Information Server (IIS) vulnerable to heap overflow during processing of crafted \".htr\" request by \"ISM.DLL\" ISAPI filter",
"sources": [
{
"db": "CERT/CC",
"id": "VU#363715"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "4474"
},
{
"db": "CNNVD",
"id": "CNNVD-200204-024"
}
],
"trust": 0.9
}
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.