Description

The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.

Remediation

References

CVE-2003-0225

Related Vulnerabilities

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8384)

MySQL CVE-2021-2213 Vulnerability (CVE-2021-2213)

WordPress Plugin Easy2Map Multiple Vulnerabilities (1.2.9)

WordPress Plugin nBill Lite PHP Object Injection (3.2.2)

WordPress Plugin Responsive Image Slider, Photo Gallery And Carousel Security Bypass (1.3.5)

Severity

Medium

Classification

CVE-2003-0225

Tags

Missing Update Known Vulnerabilities