Computerworld

Vulnerability: Internet Information Server 4.0 and 5.0

This vulnerability involves a buffer overrun in the Chunked Encoding datatransfer mechanism in IIS 4.0 and 5.0, and could be used to overrun heap memory on the system, with the result of either causing the IIS service to fail or allowing code to be run on the server.

Further information and a patch can be found here