A vulnerability in the way Microsoft Content Managment Server handles HTTP requests may lead to execution of arbitrary code.
Microsoft Content Managment Server (CMS) contains a vulnerability that could be exploited when it attempts to process specially crafted HTTP requests. According to Microsoft Security Bulletin MS07-018:
A remote code execution vulnerability results from the way that the Microsoft Content Management Server handles unexpected characters in an HTTP request.
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.
Microsoft has released an update to address this issue. See Microsoft Security Bulletin MS07-018 for more details.
This vulnerability was reported in Microsoft Security Bulletin MS07-018.
This document was written by Chris Taschner.
|Date First Published:||2007-04-17|
|Date Last Updated:||2007-04-17 13:50 UTC|