Description

Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character.

Remediation

References

CVE-2000-1090

Related Vulnerabilities

Apache Traffic Server Other Vulnerability (CVE-2019-9513)

Apache Traffic Server CVE-2014-3525 Vulnerability (CVE-2014-3525)

Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2020-9481)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-2817)

Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11495)

Severity

Medium

Classification

CVE-2000-1090

Tags

Missing Update Known Vulnerabilities