Lucene search
HistoryDec 19, 2000 - 5:00 a.m.
CVE-2000-0884
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.938 High
EPSS
Percentile
99.2%
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the “Web Server Folder Traversal” vulnerability.
Affected configurations
Node
microsoftinternet_information_serverMatch4.0
ORmicrosoftinternet_information_servicesMatch5.0
Related
saint
saint
IIS Unicode Directory Traversal
2006-07-03 00:00:00
IIS Unicode Directory Traversal
2006-07-03 00:00:00
IIS Unicode Directory Traversal
2006-07-03 00:00:00
openvas
openvas
Microsoft IIS Directory Traversal Vulnerability (MS00-078) - Active Check
2009-03-16 00:00:00
Microsoft IIS Directory Traversal Vulnerability (MS00-078) - Active Check
2005-11-03 00:00:00
IIS directory traversal
2005-11-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft IIS EXE W32 Storm Worm Command Execution - Ver2 (CVE-2000-0884)
2014-04-16 00:00:00
Microsoft IIS Input Validation Directory Traversal (CVE-2000-0884)
2014-03-17 00:00:00
cvelist
cvelist
CVE-2000-0884
2001-01-22 05:00:00
cert
cert
nessus
nessus
Microsoft IIS Unicode Remote Command Execution
2000-10-18 00:00:00
cve
cve
CVE-2000-0884
2001-01-22 05:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.938 High
EPSS
Percentile
99.2%
Related for NVD:CVE-2000-0884