CVE-2006-0026

Published: Jul 11, 2006Modified: Apr 16, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).

Affected (2)

Products: Microsoft: Internet Information Server, Internet Information Services

Microsoft

2 products

Internet Information Server

Internet Information Services

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Information Server	Version 6.0
Microsoft Internet Information Services	Version 5.0

References (22)

http://archives.neohapsis.com/archives/bugtraq/2006-07/0316.html

Source: secure@microsoft.com

http://secunia.com/advisories/21006

Source: secure@microsoft.com

PatchVendor Advisory

http://securitytracker.com/id?1016466

Source: secure@microsoft.com

Patch

http://www.kb.cert.org/vuls/id/395588

Source: secure@microsoft.com

PatchUS Government Resource

http://www.osvdb.org/27152

Source: secure@microsoft.com

http://www.securityfocus.com/bid/18858

Source: secure@microsoft.com

Patch

http://www.us-cert.gov/cas/techalerts/TA06-192A.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2006/2752

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-034

Source: secure@microsoft.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/26796

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A435

Source: secure@microsoft.com

http://archives.neohapsis.com/archives/bugtraq/2006-07/0316.html