Description

The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.

Remediation

References

CVE-1999-0449

Related Vulnerabilities

WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Unspecified Vulnerability (2.0.3.4)

Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)

WordPress Plugin Constant Contact Forms Cross-Site Scripting (1.8.7)

Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5505)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0306)

Severity

High

Classification

CVE-1999-0449

Tags

Missing Update Known Vulnerabilities