Description

The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.

Remediation

References

CVE-1999-0449

Related Vulnerabilities

Moodle Improper Check for Dropped Privileges Vulnerability (CVE-2019-14879)

WordPress Plugin PlanSo Forms Cross-Site Scripting (2.6.3)

WordPress Plugin Yoast SEO Cross-Site Scripting (5.7.1)

WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-14722)

Oracle Database Server CVE-2009-3414 Vulnerability (CVE-2009-3414)

Severity

High

Classification

CVE-1999-0449

Tags

Missing Update Known Vulnerabilities