CVE-2003-0117

Microsoft BizTalk Server 2002 - Buffer Overflow in HTTP Receiver Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0117. PoCs published by Cesar Cerrudo.

AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in Microsoft BizTalk Server 2002 via an overly long HTTP POST request to the biztalkhttpreceive.dll endpoint. Successful exploitation could lead to arbitrary code execution in the context of the IIS Server.

Description

Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Cesar Cerrudo · text · dos · windows
https://www.exploit-db.com/exploits/22553

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Microsoft BizTalk Server 2002
No auth needed
Prerequisites: HTTP Receiver component installed · Network access to the target server
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105216866132289&w=2

Scores

EPSS: 0.0906
EPSS Percentile: 94.6%

Details

Status: published
Products (1): microsoft/biztalk_server 2002 (2 CPE variants)
Published: May 12, 2003
Tracked Since: Feb 18, 2026