1999-09-29 04:00:00
mitre
PUBLISHED
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.