07.192.2006 - MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537)

Internet Information Services Using Malformed Active Server Pages Vulnerability - CVE-2006-0026: There is a remote code execution vulnerability in Internet Information Services (IIS). An attacker could exploit the vulnerability by constructing a specially crafted Active Server Pages (ASP) file, potentially allowing remote code execution if the Internet Information Services (IIS) processes the specially crafted file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - Download Microsoft Windows 2000 SP4 - Download Microsoft Windows XP SP1/SP2 - Download Microsoft Windows XP Professional x64 Edition - Download Microsoft Windows Server 2003 RTM/SP1 - Download Microsoft Windows Server 2003 RTM/SP1 Itanium Edition - Download Microsoft Windows Server 2003 x64 Edition - View Microsoft Security Bulletin MS06-034 - View Microsoft Knowledge Base Article - 917537 - Visit Microsoft Corporation