The vulnerability is due to crafted HTTP request by passing large value in Range header, IIS fails to validate the value properly leading to Denial of Service (Unresponsive or Blue Screen of Death) and possible Code Execution.
[VIDEO] Denial of Service (MS15-034 /CVE-2015-1635)
in
Denial of Service,
DOS,
MS15-034
- on 4:38
- No comments
The vulnerability is due to crafted HTTP request by passing large value in Range header, IIS fails to validate the value properly leading to Denial of Service (Unresponsive or Blue Screen of Death) and possible Code Execution.
Publicar un comentario