MS.IIS.Biztalk.BizTalkHttpReceive.Access

description-logoDescription

It indicates a buffer overrun vulnerability in Microsoft Biztalk Server.


There exists buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 that allows attackers to execute arbitrary code on a target system via a certain request to the HTTP receiver.

affected-products-logoAffected Products

Any unprotected Microsoft Biztalk server 2002 is vulnerable to the attack.

Impact logoImpact

Attackers can execute arbitrary code on the victim system.

recomended-action-logoRecommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version.


Disable the Http receive functionality unless absolutely needed.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)