Description

When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".

Remediation

References

CVE-1999-0725

Related Vulnerabilities

XWiki Incorrect Authorization Vulnerability (CVE-2022-23615)

WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.2)

Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-62243)

CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-18288)

Ruby on Rails CVE-2019-5418 Vulnerability (CVE-2019-5418)

Severity

High

Classification

CVE-1999-0725

Tags

Missing Update Known Vulnerabilities