This indicates a buffer overflow vulnerability in the processing of files with extensions .HTR, .STM and .IDC in Microsoft Internet Information Server (IIS).
Due to a buffer checking error, an attacker can send a malformed request to crash an IIS. An attacker can also send a specially-crafted message to a target system and execute arbitrary code on it.
Microsoft Internet Information Server version 4.0
Attackers can execute arbitrary code on infected machine and cause Denial-of-Service
Apply patch at http://www.microsoft.com/technet/security/bulletin/ms99-019.mspx or upgrade the system to the latest non-vulnerable version