Description
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."
Remediation
References
Related Vulnerabilities
phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-3188)
WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)
Oracle Database Server CVE-2014-6541 Vulnerability (CVE-2014-6541)
Twisted Web HTTP Server Direct Request ('Forced Browsing') Vulnerability (CVE-2016-1000111)