Oval Definition:oval:org.mitre.oval:def:66
Revision Date:2011-05-16Version:19
Title:IIS ASP Function Cross-site Scripting
Description:Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0223
Platform(s):Microsoft Windows 2000
Product(s):Microsoft Internet Information Server (IIS)
Definition Synopsis
  • IIS major version equals 5
  • AND IIS minor version equals 0
  • AND File %windir%\system32\inetsrv\asp.dll version is less than 5.0.2195.6672
  • AND NOT Patch Q811114 Installed
  • AND NOT SP4 or later Installed
    • BACK