Description

The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.

Remediation

References

CVE-1999-0449

Related Vulnerabilities

WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9639)

WordPress Plugin WP User Switch Security Bypass (1.0.2)

Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-26477)

Severity

High

Classification

CVE-1999-0449

Tags

Missing Update Known Vulnerabilities