Code: p296 Severity: Warning
Description: A buffer not been checked when the idq.dll in dealing with some URL request. If an attacker provide a special format of the URL, which could trigger a buffer overflow. Through sending data the carefully constructed, an attacker could change the procedures for the implementation process, and then implementate arbitrary code. Impact: IIS4.0/IIS5.0 Corrective: Download and install patches sp2
|
