IIS XSS Via IDC Error Network Vulnerability

Summary

This IIS Server appears to be vulnerable to a Cross Site Scripting due to an error in the handling of overlong requests on an idc file. It is possible to inject Javascript in the URL, that will appear in the resulting page.

References

http://online.securityfocus.com/bid/5900
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0210&L=ntbugtraq&F=P&S=&P=1391

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

AN Guestbook Local File Inclusion Vulnerability
Apache Tomcat Directory Listing and File disclosure
Adobe ColdFusion HTTP Response Splitting Vulnerability
Apache Tomcat TroubleShooter Servlet Installed
Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities

IIS XSS via IDC error

Take action and discover your vulnerabilities