Description

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.

Remediation

References

CVE-2001-0709

Related Vulnerabilities

WordPress Plugin MF Gig Calendar Cross-Site Scripting (1.1)

Apache Tomcat Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-9774)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35150)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19202)

WordPress Plugin Export Users to CSV CSV Injection (1.1.1)

Severity

Medium

Classification

CVE-2001-0709

Tags

Missing Update Known Vulnerabilities