Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request.
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-054