CVE-2002-1180 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2002-1180

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka Script Source Access Vulnerability.

Affected Software

Name	Vendor	Start Version	End Version
Internet_information_services	Microsoft	5.0	5.0

References

http://www.iss.net/security_center/static/10504.php
http://www.ciac.org/ciac/bulletins/n-011.shtml
http://www.securityfocus.com/bid/6068
http://www.securityfocus.com/bid/6071
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A931
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062