Windows Media Services contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to a flaw in the ISAPI (Internet Services Application Programming Interface) extension handling of incoming client requests in the nsiislog.dll file of the Internet Information Services (IIS). With a specially crafted POST request, an attacker may create a denial of service or exexcute arbitrary code.
This product uses the Daylife API but is not endorsed or certified by Daylife.
This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.