Description

The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.

Remediation

References

CVE-2003-0225

Related Vulnerabilities

WordPress Plugin Tweet Wheel Spam (0.3)

WordPress Plugin WP to Twitter Cross-Site Scripting (3.0.5)

WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180)

MongoDb Other Vulnerability (CVE-2018-20802)

WordPress Plugin Allow REL= and HTML in Author Bios Cross-Site Scripting (.1)

Severity

Medium

Classification

CVE-2003-0225

Tags

Missing Update Known Vulnerabilities