Description

Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).

Remediation

References

CVE-2002-1744

Related Vulnerabilities

WordPress Plugin Codestyling Localization 'name' Parameter Cross-Site Scripting (1.99.19)

TYPO3 Other Vulnerability (CVE-2006-0327)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)

TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1606)

Severity

Medium

Classification

CVE-2002-1744

Tags

Missing Update Known Vulnerabilities