Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1133


Vulnerability Score 6.8 6.8
CVE Id CVE-2004-1133
Last Modified 10 Sep 2008 03:29:16
Published 10 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remote attackers to inject arbitrary HTML and web script via (1) HTTP headers such as "Connection" or (2) invalid parameters whose values are echoed in the resulting error message.

Vulnerable Systems


  • Microsoft W3who.dll


XF - w3who-http-error-xss(18375)

FULLDISC - 20041206 Multiple vulnerabilities in w3who ISAPI DLL

Last Updated: 27 May 2016 10:38:54