{"vuid":"VU#723537","idnumber":"723537","name":"Microsoft SmartHTML interpreter (shtml.dll) contains vulnerability","keywords":["Microsoft","SmartHTML Interpreter","shtml.dll","Frontpage Server Extensions","buffer overflow","DoS","denial of service","crafted request","web file","MS02-053","Q324096"],"overview":"Microsoft's SmartHTML interpreter (shtml.dll) contains a remotely exploitable vulnerability.","clean_desc":"shtml.dll is a component of FrontPage Server Extensions. FrontPage Server Extensions allow web developers to add or change content and to manage the web server. Quoting from MS02-053, \"The SmartHTML interpreter, shtml.dll, is part of FPSE, and supports certain types of dynamic web content. For instance, using SmartHTML, a web developer can build a web page that relies on FrontPage features, but not actually have those features embedded within the page until a user requests it.\" A remotely exploitable vulnerability in shtml.dll can allow a remote attacker to disrupt the normal operation of the web server or execute arbitrary code with system privileges. For more details, please see the \"Impact\" section of this document.","impact":"There are varying impacts depending on the version of FrontPage Server Extensions running on the vulnerable host. If a user is running FrontPage Server Extensions 2000, an attacker can cause denial-of-service conditions on the web server (cause the web server to become unavailable). If a user is running FrontPage Server Extensions 2002, a remote attacker can execute arbitrary code with system privileges on the web server.","resolution":"Apply a patch.","workarounds":"","sysaffected":"","thanks":"Maninder Bharadwaj of Digital Defense Services, part of Digital GlobalSoft Ltd., is credited with discovering this vulnerability.","author":"This document was written by Ian A Finlay. It is based on information provided by Microsoft.","public":["http://www.microsoft.com/technet/security/bulletin/MS02-053.asp","http://lists.netsys.com/pipermail/full-disclosure/2002-September/002252.html","http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnservext/html/fpovrw.asp"],"cveids":["CVE-2002-0692"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-09-26T14:55:59Z","publicdate":"2002-09-25T00:00:00Z","datefirstpublished":"2002-10-02T18:04:19Z","dateupdated":"2002-10-04T20:04:07Z","revision":24,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"8","cam_population":"8","cam_impact":"20","cam_easeofexploitation":"10","cam_attackeraccessrequired":"15","cam_scorecurrent":"10.35","cam_scorecurrentwidelyknown":"12.6","cam_scorecurrentwidelyknownexploited":"21.6","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":10.35,"vulnote":null}