Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0718


Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0718
Last Modified 10 Sep 2008 03:20:14
Published 03 Nov 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes.

Vulnerable Systems


  • Microsoft Internet Information Server 5.0

  • Microsoft Internet Information Server 5.1

  • Microsoft Internet Information Server 6.0


XF - iis-ms04030-patch(17656)

XF - iis-webdav-xml-attribute-dos(17645)

MS - MS04-030

BUGTRAQ - 20041012 Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS

Last Updated: 27 May 2016 10:38:01