Description

IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.

Remediation

References

CVE-2001-0507

Related Vulnerabilities

WordPress Plugin Nextend Facebook Connect Unspecified Vulnerability (1.5.7)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4542)

Atlassian Jira CVE-2018-5231 Vulnerability (CVE-2018-5231)

WordPress Plugin Nooz Cross-Site Scripting (1.6.0)

Jboss EAP Improper Input Validation Vulnerability (CVE-2010-1871)

Severity

High

Classification

CVE-2001-0507

Tags

Missing Update Known Vulnerabilities