Description

IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.

Remediation

References

CVE-2001-0507

Related Vulnerabilities

XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619)

MySQL CVE-2012-0490 Vulnerability (CVE-2012-0490)

Sqlite Other Vulnerability (CVE-2019-20218)

WordPress Plugin Companion Sitemap Generator Cross-Site Request Forgery (3.6.6)

MediaWiki Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4571)

Severity

High

Classification

CVE-2001-0507

Tags

Missing Update Known Vulnerabilities