Description
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
Remediation
References
Related Vulnerabilities
WordPress Plugin Markdown on Save Improved Cross-Site Scripting (2.5)
WordPress Plugin WP Mailster Cross-Site Scripting (1.5.4.0)
Oracle JRE CVE-2013-5823 Vulnerability (CVE-2013-5823)
WordPress Plugin Share This Image Unspecified Vulnerability (1.19)
WordPress Plugin VideoWhisper Video Presentation 'vw_upload.php' Arbitrary File Upload (3.17)