Vulnerability in N/a
CVE-2005-4360
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which cau…
EPSS: 0.784 (99.1th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- SSRT071446 (x_refsource_HP, vendor-advisory)
- 20051216 Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit (mailing-list, x_refsource_BUGTRAQ)
- oval:org.mitre.oval:def:1703 (signature, x_refsource_OVAL, vdb-entry)
- 271 (x_refsource_SREASON, third-party-advisory)
- 1015376 (vdb-entry, x_refsource_SECTRACK)
- 21805 (x_refsource_OSVDB, vdb-entry)
- ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html (x_refsource_MISC)
- ADV-2005-2963 (vdb-entry, x_refsource_VUPEN)
- MS07-041 (x_refsource_MS, vendor-advisory)
- 15921 (vdb-entry, x_refsource_BID)