cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:temp.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Site_server | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server_commerce | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server_commerce | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server_commerce | Microsoft | 3.0 | 3.0 |
Site_server_commerce | Microsoft | 3.0 | 3.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server_commerce | Microsoft | 3.0 | 3.0 |
Site_server_commerce | Microsoft | 3.0 | 3.0 |