Vulnerability Note VU#723537

Microsoft SmartHTML interpreter (shtml.dll) contains vulnerability

Original Release date: 02 Oct 2002 | Last revised: 04 Oct 2002

Overview

Microsoft's SmartHTML interpreter (shtml.dll) contains a remotely exploitable vulnerability.

Description

shtml.dll is a component of FrontPage Server Extensions. FrontPage Server Extensions allow web developers to add or change content and to manage the web server.

Quoting from MS02-053, "The SmartHTML interpreter, shtml.dll, is part of FPSE, and supports certain types of dynamic web content. For instance, using SmartHTML, a web developer can build a web page that relies on FrontPage features, but not actually have those features embedded within the page until a user requests it."

A remotely exploitable vulnerability in shtml.dll can allow a remote attacker to disrupt the normal operation of the web server or execute arbitrary code with system privileges. For more details, please see the "Impact" section of this document.

Impact

There are varying impacts depending on the version of FrontPage Server Extensions running on the vulnerable host. If a user is running FrontPage Server Extensions 2000, an attacker can cause denial-of-service conditions on the web server (cause the web server to become unavailable). If a user is running FrontPage Server Extensions 2002, a remote attacker can execute arbitrary code with system privileges on the web server.

Solution

Apply a patch.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-02 Oct 2002
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Maninder Bharadwaj of Digital Defense Services, part of Digital GlobalSoft Ltd., is credited with discovering this vulnerability.

This document was written by Ian A Finlay. It is based on information provided by Microsoft.

Other Information

  • CVE IDs: CAN-2002-0692
  • Date Public: 25 Sep 2002
  • Date First Published: 02 Oct 2002
  • Date Last Updated: 04 Oct 2002
  • Severity Metric: 10.35
  • Document Revision: 24

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.