Description

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

Remediation

References

CVE-2000-0884

Related Vulnerabilities

TYPO3 Cryptographic Issues Vulnerability (CVE-2012-3527)

ownCloud Improper Input Validation Vulnerability (CVE-2012-2270)

Resin Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2462)

MySQL CVE-2022-21344 Vulnerability (CVE-2022-21344)

Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39118)

Severity

High

Classification

CVE-2000-0884

Tags

Missing Update Known Vulnerabilities