CVE-2002-0869 | Vulnerability Database | Aqua Security

Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka Out of Process Privilege Elevation.

Affected Software

Name	Vendor	Start Version	End Version
Internet_information_services	Microsoft	5.0	5.0
Internet_information_server	Microsoft	4.0	4.0

References

http://www.iss.net/security_center/static/10502.php
http://www.li0n.pe.kr/eng/advisory/ms/iis_impersonation.txt
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html
http://www.ciac.org/ciac/bulletins/n-011.shtml
http://marc.info/?l=bugtraq\u0026m=103642839205574\u0026w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A983
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A930
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A929
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0869
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html