VYPR
Unrated severityNVD Advisory· Published Aug 14, 2001· Updated Jun 16, 2026

CVE-2001-0524

CVE-2001-0524

Description

eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.