The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote malicious users to generate a large header to cause a denial of service (memory consumption) with an ASP page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet information server 4.0 |
||
microsoft internet information services 5.0 |