CVE-2002-0869
First published: Sat Nov 02 2002(Updated: )
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Information Services | =5.0 | |
| Microsoft Internet Information Server | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.iss.net/security_center/static/10502.php
- http://www.li0n.pe.kr/eng/advisory/ms/iis_impersonation.txt
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html
- http://www.ciac.org/ciac/bulletins/n-011.shtml
- http://marc.info/?l=bugtraq&m=103642839205574&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A983
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A930
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A929
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft internet information services
- version/microsoft internet information services/5.0
- canonical/microsoft internet information server
- version/microsoft internet information server/4.0