CVE Vulnerabilities

CVE-2000-0884

Published: Dec 19, 2000 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the Web Server Folder Traversal vulnerability.

Affected Software

Name Vendor Start Version End Version
Internet_information_server Microsoft 4.0 (including) 4.0 (including)
Internet_information_services Microsoft 5.0 (including) 5.0 (including)

References