5 matches found
CVE-2004-1133
Multiple cross-site scripting XSS vulnerabilities in Microsoft W3Who ISAPI w3who.dll allow remote attackers to inject arbitrary HTML and web script via 1 HTTP headers such as "Connection" or 2 invalid parameters whose values are echoed in the resulting error message...
CVE-2004-1134
Buffer overflow in the Microsoft W3Who ISAPI w3who.dll allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string...
CVE-2004-1133
Multiple cross-site scripting XSS vulnerabilities in Microsoft W3Who ISAPI w3who.dll allow remote attackers to inject arbitrary HTML and web script via 1 HTTP headers such as "Connection" or 2 invalid parameters whose values are echoed in the resulting error message...
CVE-2004-1134
Buffer overflow in the Microsoft W3Who ISAPI w3who.dll allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string...
CVE-2004-1134
CVE-2004-1134 covers a stack/ buffer overflow in the Microsoft IIS ISAPI w3who.dll (W3Who) triggered by long query strings. The root cause is lack of input sanitization for CGI variables, enabling remote attackers to cause denial of service and potentially execute arbitrary code with IIS privileg...