CVE-2001-1243

by Fred · 03/05/2002

Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the device name into ASP programs that internally use Scripting.FileSystemObject.

Date published : 2002-05-03

http://www.securityfocus.com/bid/2973

http://www.securityfocus.com/archive/1/194919

CVE-2001-1243

Similar

Recent Posts

Categories

CVE-2001-1243

Share this:

Similar

Recent Posts

Categories

Tags