PT-2000-1807 · Microsoft · Iis

Published

2000-12-19

Updated

2018-10-30

CVE-2000-0884

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions IIS versions 4.0 through 5.0

Description The issue allows remote attackers to read documents outside of the web root and possibly execute arbitrary commands via malformed URLs containing UNICODE encoded characters.

Recommendations For IIS versions 4.0 through 5.0, update to a version that is not affected by this issue to prevent remote attackers from reading documents outside of the web root and executing arbitrary commands.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0884

Affected Products

Iis

PT-2000-1807 · Microsoft · Iis

CVE-2000-0884

Related Identifiers

Affected Products

References · 16