7.5
CVE-2000-0886
- EPSS 68.74%
- Veröffentlicht 19.12.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Information Server Version4.0
Microsoft ≫ Internet Information Services Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 68.74% | 0.993 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/bid/1912
http://www.securityfocus.com/templates/archive.pike?mid=143604&list=1&fromthread=0&end=2000-11-11&threads=0&start=2000-11-05&
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-086
https://exchange.xforce.ibmcloud.com/vulnerabilities/5470
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A191