Unrated severityNVD Advisory· Published Dec 31, 2003· Updated Jun 16, 2026
CVE-2003-1306
CVE-2003-1306
Description
Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
3- archives.neohapsis.com/archives/sf/www-mobile/2003-q3/0021.htmlnvdExploit
- www.osvdb.org/29370nvdExploit
- secunia.com/advisories/9194nvdVendor Advisory
News mentions
0No linked articles in our index yet.