BlackKite: Home
Menu

PUBLISHED DATE: April 22, 2002CVE-2002-0150:
Denial of Service Vulnerability

CVSS:
7.5
EPSS:
6761.90%
Exploitability:
10
In KEV:
No
Description

Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.

Products
Questions to Ask Vendors
  1. Can you confirm whether your systems are affected by CVE-2002-0150, and if so, what steps are you currently taking to mitigate this vulnerability?
  2. What is your estimated timeline for fully resolving CVE-2002-0150 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
References

Ready to get results you can trust?