CVE-2000-0115

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jan 21, 2000
Updated: Nov 20, 2024

Summary

CVE-2000-0115 is a denial-of-service vulnerability affecting Microsoft's Internet Information Services (IIS) server. This issue arises due to IIS's failure to adequately validate regular expressions in Visual Basic scripts used in Active Server Pages (ASP). Malicious users can exploit this vulnerability by crafting an invalid regular expression, which causes the server to consume excessive resources and ultimately results in a denial-of-service condition. Local users with the ability to create or modify ASP pages can leverage this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share