CVE-2009-1122

The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1535.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

History

No history.

Information

Published : 2009-06-10 18:30

Updated : 2024-02-28 11:21


NVD link : CVE-2009-1122

Mitre link : CVE-2009-1122

CVE.ORG link : CVE-2009-1122


JSON object : View

Products Affected

microsoft

  • windows_2000
  • internet_information_services
CWE
CWE-287

Improper Authentication