Description
cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp.
Affected products
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server3.0 – 3.0
- Microsoft / site_server_commerce3.0 – 3.0
- Microsoft / site_server_commerce3.0 – 3.0
- Microsoft / site_server_commerce3.0 – 3.0
- Microsoft / site_server_commerce3.0 – 3.0
- Microsoft / site_server_commerce3.0 – 3.0
- Microsoft / site_server_commerce3.0 – 3.0