IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.osvdb.org/436 - | |
References | () http://www.securityfocus.com/bid/1806 - | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-078 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/5377 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A44 - |
Information
Published : 2000-12-19 05:00
Updated : 2024-11-20 23:33
NVD link : CVE-2000-0884
Mitre link : CVE-2000-0884
CVE.ORG link : CVE-2000-0884
JSON object : View
Products Affected
microsoft
- internet_information_server
- internet_information_services
CWE