CVE-2001-0986

2001-09-14T04:00:00
ID CVE-2001-0986
Type cve
Reporter cve@mitre.org
Modified 2017-12-19T02:29:00

Description

SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.