Vulnerability in N/a
CVE-2003-0225
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (…
EPSS: 0.576 (98.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- MS03-018 (x_refsource_MS, vendor-advisory)
- oval:org.mitre.oval:def:373 (signature, x_refsource_OVAL, vdb-entry)
- 20030418 Microsoft Active Server Pages DoS (mailing-list, x_refsource_NTBUGTRAQ)
- www.aqtronix.com/Advisories/AQ-2003-01.txt (x_refsource_MISC)