7.5
CVE-2001-0333
- EPSS 90.77%
- Veröffentlicht 27.06.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:07
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Information Server Version <= 5.0
Microsoft ≫ Internet Information Server Version4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 90.77% | 0.998 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=98992056521300&w=2
http://www.cert.org/advisories/CA-2001-12.html
http://www.securityfocus.com/bid/2708
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026
https://exchange.xforce.ibmcloud.com/vulnerabilities/6534
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1051
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A37
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A78