CVE-2000-0024

2000-04-2504:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.009

Percentile

82.7%

JSON

IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the “Escape Character Parsing” vulnerability.

References

support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ246401

www.acrossecurity.com/aspr/ASPR-1999-11-10-1-PUB.txt

docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-061