header-logo
Suggest Exploit
vendor:
BizTalk Server
by:
SecurityFocus
8.3
CVSS
HIGH
Buffer Overrun
119
CWE
Product Name: BizTalk Server
Affected Version From: BizTalk Server 2002
Affected Version To: BizTalk Server 2002
Patch Exists: YES
Related CWE: CVE-2002-0647
CPE: o:microsoft:biztalk_server:2002
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Microsoft BizTalk Server 2002 Buffer Overrun

Microsoft BizTalk Server 2002 contains a boundary condition error that could allow a buffer to be overrun. Successful exploitation could allow arbitrary code execution in the security context of the IIS Server hosting the application.

Mitigation:

It is important to note that the HTTP Receiver is an optional component and is not installed by default.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7469/info

Microsoft BizTalk Server 2002 contains a boundary condition error that could allow a buffer to be overrun. Successful exploitation could allow arbitrary code execution in the security context of the IIS Server hosting the application.

It is important to note that the HTTP Receiver is an optional component and is not installed by default.

POST /Site/biztalkhttpreceive.dll?XXXX...(more than 250 chars) HTTP/1.0

Navigation

Suggest Exploit

Services By CQR