Back to search
CVE-2003-0225
Published: May 30, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MS03-018
vendor-advisory
x_refsource_MS
oval:org.mitre.oval:def:373
vdb-entry
signature
x_refsource_OVAL
20030418 Microsoft Active Server Pages DoS
mailing-list
x_refsource_NTBUGTRAQ
http://www.aqtronix.com/Advisories/AQ-2003-01.txt
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now