Description

Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.

Remediation

References

CVE-2002-1745

Related Vulnerabilities

WordPress Plugin WP Job Manager Cross-Site Request Forgery (1.25.2)

PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568)

WordPress Plugin WP Google Maps Unspecified Vulnerability (8.0.25)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0274)

Joomla! Core Security Bypass (1.6.2 - 3.9.10)

Severity

Medium

Classification

CVE-2002-1745

Tags

Missing Update Known Vulnerabilities