CVE-2002-0869 | Vulnerability Database | Aqua Security

Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka Out of Process Privilege Elevation.

Affected Software

Name	Vendor	Start Version	End Version
Internet_information_server	Microsoft	4.0 (including)	4.0 (including)
Internet_information_services	Microsoft	5.0 (including)	5.0 (including)

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html
http://marc.info/?l=bugtraq\u0026m=103642839205574\u0026w=2
http://www.ciac.org/ciac/bulletins/n-011.shtml
http://www.iss.net/security_center/static/10502.php
http://www.li0n.pe.kr/eng/advisory/ms/iis_impersonation.txt
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A929
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A930
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A983

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0869
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html