oval:org.mitre.oval:def:66

Definition Id: oval:org.mitre.oval:def:66

Oval ID:	oval:org.mitre.oval:def:66
Title:	IIS ASP Function Cross-site Scripting
Description:	Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0223	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
IIS major version equals 5 AND IIS minor version equals 0 AND File %windir%\system32\inetsrv\asp.dll version is less than 5.0.2195.6672 AND NOT Patch Q811114 Installed AND NOT SP4 or later Installed