Oval Definition:	oval:org.mitre.oval:def:1427
Revision Date: 2011-05-16 Version: 19 Title: Windows XP IIS WebDAV Message Handler Denial of Service Vulnerability Description: The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0718 Platform(s): Microsoft Windows XP Product(s): Microsoft Internet Information Server (IIS) Definition Synopsis Windows XP is installed AND a vulnerable version of httpext.dll exists Service pack 1 and the version of httpext.dll is less than 6.0.2600.1579 Win2K/XP/2003/Vista service pack 1 is installed AND the version of httpext.dll is less than 6.0.2600.1579 OR no service pack and the version of httpext.dll is less than 6.0.2600.165 NOT Win2K/XP/2003 is patched AND the version of httpext.dll is less than 6.0.2600.165 AND NOT the patch KB824151 is installed
BACK