Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.