7.5
CVE-2002-1180
- EPSS 8.63%
- Veröffentlicht 12.11.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:58:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Information Services Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.63% | 0.944 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.ciac.org/ciac/bulletins/n-011.shtml
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062
http://www.iss.net/security_center/static/10504.php
http://www.securityfocus.com/bid/6068
http://www.securityfocus.com/bid/6071
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A931