Lucene search

K
cve[email protected]CVE-2003-0225
HistoryJun 09, 2003 - 4:00 a.m.

CVE-2003-0225

2003-06-0904:00:00
NVD-CWE-Other
web.nvd.nist.gov
26
asp
response.addheader
microsoft
iis
denial of service
memory consumption
cve-2003-0225
nvd

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.062 Low

EPSS

Percentile

93.4%

The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.062 Low

EPSS

Percentile

93.4%

Related for CVE-2003-0225