Vulnerability: FrontPage Server Extensions 2000 and 2002

The SmartHTML Interpreter in FrontPage Server Extensions contains a flaw that could be exposed when processing a request for a particular type of web file, if the request had certain specific characteristics. This flaw affects the two versions of FrontPage Server Extensions differently. On FrontPage Server Extensions 2000, such a request would cause the interpreter to consume most or all CPU availability until the web service was restarted. On FrontPage Server Extensions 2002, the same type of request could cause a buffer overrun, potentially allowing an attacker to run code of his choice.

A patch is available here

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments