CVE-1999-0449 — Microsoft Internet Information Server vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

EPSS

36.2%

top 2.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Information Server

Timeline

PublishedJan 26

Latest updateApr 30

Description

The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDmicrosoft/internet_information_server4.0

🔴Vulnerability Details

GHSA

GHSA-9mvc-88j3-6fmc: The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch↗2022-04-30

▶

CVEList

CVE-1999-0449: The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch↗1999-09-29

▶