Description

The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.

Remediation

References

CVE-1999-0449

Related Vulnerabilities

WordPress Plugin Location Weather Cross-Site Scripting (1.3.3)

WordPress Plugin Woocommerce Product Designer Arbitrary File Upload (3.0.3)

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.10)

Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385)

Microsoft SQL Server CVE-2023-36728 Vulnerability (CVE-2023-36728)

Severity

High

Classification

CVE-1999-0449

Tags

Missing Update Known Vulnerabilities