Vulnerabilities > CVE-2001-1243 - Local DoS vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the device name into ASP programs that internally use Scripting.FileSystemObject.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description Microsoft IIS 4.0/5.0 Device File Local DoS Vulnerability. CVE-2001-1243 . Dos exploit for windows platform id EDB-ID:20989 last seen 2016-02-02 modified 2001-07-04 published 2001-07-04 reporter VIPER_SV source https://www.exploit-db.com/download/20989/ title Microsoft IIS 4.0/5.0 Device File Local DoS Vulnerability description Microsoft IIS 4.0/5.0 Device File Remote DoS Vulnerability. CVE-2001-1243. Dos exploit for windows platform id EDB-ID:20991 last seen 2016-02-02 modified 2001-07-04 published 2001-07-04 reporter VIPER_SV source https://www.exploit-db.com/download/20991/ title Microsoft IIS 4.0/5.0 Device File Remote DoS Vulnerability