Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0225


Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0225
Last Modified 10 Sep 2008 03:18:18
Published 09 Jun 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.

Vulnerable Systems


  • Microsoft Internet Information Server 4.0

  • Microsoft Internet Information Server 5.0


MS - MS03-018


NTBUGTRAQ - 20030418 Microsoft Active Server Pages DoS

Last Updated: 27 May 2016 10:37:50