oval:org.mitre.oval:def:942

Definition Id: oval:org.mitre.oval:def:942

Oval ID:	oval:org.mitre.oval:def:942
Title:	Windows 2000 IIS Cross-site Scripting Vulnerabilities
Description:	Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2002-1181	Version:	2
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
IIS major version equals 5 AND IIS minor version equals 0 AND File %windir%\System32\msw3prt.dll is less than 5.0.2195.5807 AND NOT Patch Q327696 Installed AND NOT Patch Q811114 Installed