CVE-1999-1223

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Dec 31, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1223 is a denial-of-service vulnerability affecting Internet Information Services (IIS) version 3.0. Malicious actors can trigger the issue by making requests to an Active Server Page (ASP) that includes a large number of forward slash characters in the URL. The excessive number of slashes overloads the server, leading to a crash and subsequent denial of service. This vulnerability can potentially disrupt the availability of IIS-hosted websites.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft IIS

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlTL_
https://www.cve.org/CVERecord?id=CVE-1999-1223
https://nvd.nist.gov/vuln/detail/CVE-1999-1223

Back to Vulnerability Database