This update addresses several newly discovered security vulnerabilities affecting Internet Information Services (IIS) 5.1 on Windows XP, as well as incorporating all previous updates for IIS.
It addresses ten new vulnerabilities, the most serious of which could enable code of an attacker's choice to be run on a server:
- A buffer overrun vulnerability involving the operation of the chunked encoding transfer mechanism via Active Server Pages in IIS 4.0 and 5.0.
- A Microsoft-discovered vulnerability that is related to the preceding one, but which lies elsewhere within the ASP data transfer mechanism.
- A buffer overrun involving how IIS 4.0, 5.0 and 5.1 process HTTP header information in certain cases.
- A Microsoft-discovered buffer overrun vulnerability in IIS 4.0, 5.0 and 5.1 that results from an error in a safety check that is performed during server-side includes.
- A buffer overrun affecting the HTR ISAPI extension in IIS 4.0 and 5.0.
- A denial of service vulnerability involving the way IIS 4.0, 5.0, and 5.1 handle an error condition from ISAPI filters.
- A denial of service vulnerability involving the way the FTP service in IIS 4.0, 5.0 and 5.1 handles a request for the status of the current FTP session.
- A trio of Cross-Site Scripting (CSS) vulnerabilities affecting IIS 4.0, 5.0 and 5.1: one involving the results page that's returned when searching the IIS Help Files; one involving HTTP error pages; and one involving the error message that's returned to advise that a requested URL has been redirected.
Customers using any of the affected products should install the patch immediately.