This vulnerability could cause a IIS 5.0 web server to send the source code of certain types of web files to a visiting user.
Microsoft has released a patch to fix this issue, download it from the following website: http://www.microsoft.com/technet/security/bulletin/ms00-058.mspx
- Flaw in Certificate Enrollment Control (Q323172)
- Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
- Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2813170)
- Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)
- Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)