← CVECheck
HomeVulnerabilities

CVE-2002-1908 — MEDIUM severity vulnerability (Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a)

Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters.

CVE IDCVE-2002-1908
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:N/A:P
CWENVD-CWE-Other
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionMicrosoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →