Description

The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.

Remediation

References

CVE-2003-0225

Related Vulnerabilities

WordPress Plugin Royal Gallery Cross-Site Scripting (2.0)

Java Unspesificed Vulnerability (CVE-2019-2684)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3273)

XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)

Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25978)

Severity

Medium

Classification

CVE-2003-0225

Tags

Missing Update Known Vulnerabilities