IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.Referenceshttps://marc.info/?l=ntbugtraq&m=94881904724731&w=2
