Description
Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the device name into ASP programs that internally use Scripting.FileSystemObject.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP iCommerce-the first interactive ecommerce for wordpress SQL Injection (1.1.1)
WordPress Plugin BuddyBoss Wall Cross-Site Scripting (1.1.7)
WordPress Plugin Absolute Reviews Cross-Site Request Forgery (1.0.8)
WordPress Plugin VikRentCar Car Rental Management System Cross-Site Scripting (1.1.9)
OpenSSL Resource Management Errors Vulnerability (CVE-2011-0014)