Vulnerability: FrontPage Server Extensions 2000 and 2002

The SmartHTML Interpreter in FrontPage Server Extensions contains a flaw that could be exposed when processing a request for a particular type of web file, if the request had certain specific characteristics. This flaw affects the two versions of FrontPage Server Extensions differently. On FrontPage Server Extensions 2000, such a request would cause the interpreter to consume most or all CPU availability until the web service was restarted. On FrontPage Server Extensions 2002, the same type of request could cause a buffer overrun, potentially allowing an attacker to run code of his choice.

A patch is available here

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Microsoft

Show Comments