Description

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

Remediation

References

CVE-2000-0246

Related Vulnerabilities

WordPress Improper Authentication Vulnerability (CVE-2014-0166)

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13591)

WordPress Plugin WordPress Backup to Ziddu Cross-Site Scripting (1)

WordPress Plugin Media File Manager Advanced Multiple Vulnerabilities (1.1.5)

PleskLin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-0132)

Severity

Medium

Classification

CVE-2000-0246

Tags

Missing Update Known Vulnerabilities