CVE-2003-0224 — HIGH severity vulnerability (Buffer overflow in ssinc.dll for Microsoft Internet Informat)
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."
| CVE ID | CVE-2003-0224 |
|---|---|
| Severity | HIGH |
| CVSS score | 10.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2003-06-09 |
| Last modified | 2026-04-16 |
| Description | Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun." |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →