Liangxu Linux

Oct 27, 2021 · Information Security

How an Integer Overflow in IIS’s Read Function Triggers CVE‑2015‑1635

The article explains how a signed‑to‑unsigned integer overflow in IIS’s Read function bypasses size checks, leading to a zero‑length read that triggers the CVE‑2015‑1635 vulnerability in HTTP.sys, allowing attackers to crash the server with crafted Range requests.