Lucene search
MitreCVE-2002-1180HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-1180
2004-09-0104:00:00
mitre
web.nvd.nist.gov
49
iis 5.0
typographical error
script source access
permissions
.com files
vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
High
EPSS
0.008
Percentile
81.4%
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka “Script Source Access Vulnerability.”
Affected configurations
Node
microsoftinternet_information_servicesMatch5.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | internet_information_services | 5.0 | cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2002-1180
2004-09-01 04:00:00
nvd
nvd
CVE-2002-1180
2002-11-12 05:00:00
openvas
openvas
Microsoft Internet Information Services (IIS) Multiple Vulnerabilities (Q327696, MS02-062)
2005-11-03 00:00:00
Cumulative Patch for Internet Information Services (Q327696)
2005-11-03 00:00:00
nessus
nessus
MS02-018: Cumulative Patch for Internet Information Services (327696)
2002-04-23 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
High
EPSS
0.008
Percentile
81.4%
Related for CVE-2002-1180