CVE-2002-0364

N/A Unknown

Published: July 03, 2002 Modified: April 16, 2026

Description

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0099.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=102392069305962&w=2

Source: cve@mitre.org

http://marc.info/?l=ntbugtraq&m=102392308608100&w=2

Source: cve@mitre.org

http://online.securityfocus.com/archive/1/276767

Source: cve@mitre.org

http://www.iss.net/security_center/static/9327.php

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/313819

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/4855

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-028

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A182

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A29

Source: cve@mitre.org

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0099.html