CVE-2002-0869

CVE Database · CVE-2002-0869

CVE-2002-0869

· N/AModified

CVSS v3.1

N/A

EPSS

23.64%

Published

Nov 12, 2002

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation."

Affected Products (2)

microsoft · internet_information_servervulnerable

microsoft · internet_information_servicesvulnerable

References (18)

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html

http://marc.info/?l=bugtraq&m=103642839205574&w=2

http://www.ciac.org/ciac/bulletins/n-011.shtml

http://www.iss.net/security_center/static/10502.php

PatchVendor Advisory

http://www.li0n.pe.kr/eng/advisory/ms/iis_impersonation.txt

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A929

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A930

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A983

KEV Catalog EPSS Scores Vendors All CVEs