CVE-2006-1364

2006-03-23T11:06:00
ID CVE-2006-1364
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:32:00

Description

Microsoft w3wp (aka w3wp.exe) does not properly handle when the AspCompat directive is not used when referencing COM components in ASP.NET, which allows remote attackers to cause a denial of service (resource consumption or crash) by repeatedly requesting each of several documents that refer to COM components, or are restricted documents located under the ASP.NET application path.