Microsoft IIS 4.0 and 5.0 contains a buffer overrun condition in the isapi extension that handles .htr extensions that allows attackers to crash the service and/or execute arbitrary code on the server. A flaw in ism.dll which handles files with the .htr extension is the cause of this vulnerability. Microsoft advisory on this vulnerability here.
d27278de1182e49dc003e21db2c36a8adea55112733bdca6d516e9cfd57786bf