Description

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

Remediation

References

CVE-2000-0884

Related Vulnerabilities

WordPress Plugin Rezgo Online Booking Cross-Site Scripting (4.1.7)

MySQL CVE-2019-2581 Vulnerability (CVE-2019-2581)

Joomla! Core 3.x.x Information Disclosure (3.7.0 - 3.8.1)

Microsoft SQL Server Improper Input Validation Vulnerability (CVE-2001-0509)

WordPress Plugin WordPress Video Player Multiple SQL Injection Vulnerabilities (1.5.16)

Severity

High

Classification

CVE-2000-0884

Tags

Missing Update Known Vulnerabilities