CVE-2000-0884

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*

History

20 Nov 2024, 23:33

Type Values Removed Values Added
References () http://www.osvdb.org/436 - () http://www.osvdb.org/436 -
References () http://www.securityfocus.com/bid/1806 - () http://www.securityfocus.com/bid/1806 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-078 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-078 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/5377 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/5377 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A44 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A44 -

Information

Published : 2000-12-19 05:00

Updated : 2024-11-20 23:33


NVD link : CVE-2000-0884

Mitre link : CVE-2000-0884

CVE.ORG link : CVE-2000-0884


JSON object : View

Products Affected

microsoft

  • internet_information_server
  • internet_information_services