Description

A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."

Remediation

References

CVE-2002-1180

Related Vulnerabilities

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12022)

Jenkins Improper Authorization Vulnerability (CVE-2021-21693)

WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5101)

LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16186)

WordPress Plugin Code Insert Manager (Q2W3 Inc Manager) ZeroClipboard Cross-Site Scripting (2.3.1)

Severity

High

Classification

CVE-2002-1180

Tags

Missing Update Known Vulnerabilities