Access violation in URL error handlingID: oval:org.mitre.oval:def:12315 | Date: (C)2010-07-16 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows NT |
Microsoft Windows XP |
Product: |
Microsoft Internet Information Server (IIS) |