CVE-2000-0884

EPSS 82.7%
Veröffentlicht 19.12.2000 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Information Server Version4.0

Microsoft ≫ Internet Information Services Version5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	82.7%	0.992

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.osvdb.org/436

http://www.securityfocus.com/bid/1806

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-078

https://exchange.xforce.ibmcloud.com/vulnerabilities/5377

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A44

https://nvd.nist.gov/vuln/detail/CVE-2000-0884

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2000-0884

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2000-0884

EUVD