Vulnerabilities > CVE-2008-4300 - Unspecified vulnerability in Microsoft Internet Information Services
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote attackers to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |