Lucene search

MitreCVE-2001-0709

HistorySep 20, 2001 - 4:00 a.m.

CVE-2001-0709

2001-09-2004:00:00

mitre

web.nvd.nist.gov

cve-2001-0709

microsoft iis 4.0

fat partition

remote attack

source code leak

asp files

unicode

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.148

Percentile

95.8%

JSON

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.

Affected configurations

Nvd

Node

microsoftinternet_information_serverRange≤4.0

VendorProductVersionCPE
microsoftinternet_information_server*cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	internet_information_server	*	cpe:2.3:a:microsoft:internet_information_server::::::::

References

www.securityfocus.com/archive/1/192802

www.securityfocus.com/bid/2909

exchange.xforce.ibmcloud.com/vulnerabilities/6742

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.148

Percentile

95.8%

JSON

Related for CVE-2001-0709