Description

IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.

Remediation

References

CVE-1999-0253

Related Vulnerabilities

PHP Double Free Vulnerability (CVE-2019-11049)

WordPress Plugin Category Order and Taxonomy Terms Order PHP Object Injection (1.5.2.2)

WordPress Plugin Responsive Cookie Consent Cross-Site Scripting (1.7)

OpenSSL Other Vulnerability (CVE-2014-3510)

WordPress Plugin Rezgo Online Booking Multiple Cross-Site Scripting Vulnerabilities (1.8)

Severity

High

Classification

CVE-1999-0253

Tags

Missing Update Known Vulnerabilities