Description

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

Remediation

References

CVE-2000-0884

Related Vulnerabilities

MyBB CVE-2008-3070 Vulnerability (CVE-2008-3070)

WordPress Plugin Blog Designer Cross-Site Scripting (1.8.11)

Apache HTTP Server Improper Locking Vulnerability (CVE-2002-1850)

Java Unspesificed Vulnerability (CVE-2018-3149)

WordPress Plugin W3 Total Cache PHP Code Injection (0.9.2.8)

Severity

High

Classification

CVE-2000-0884

Tags

Missing Update Known Vulnerabilities