Lucene search

[email protected]NVD:CVE-2002-1180

HistoryNov 12, 2002 - 5:00 a.m.

CVE-2002-1180

2002-11-1205:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0.008

Percentile

81.4%

JSON

A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka “Script Source Access Vulnerability.”

Affected configurations

Nvd

Node

microsoftinternet_information_servicesMatch5.0

VendorProductVersionCPE
microsoftinternet_information_services5.0cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	internet_information_services	5.0	cpe:2.3:a:microsoft:internet_information_services:5.0:::::::*

References

www.ciac.org/ciac/bulletins/n-011.shtml

www.iss.net/security_center/static/10504.php

www.securityfocus.com/bid/6068

www.securityfocus.com/bid/6071

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A931

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0.008

Percentile

81.4%

JSON

Related for NVD:CVE-2002-1180

cvelist1 cve1 openvas2 nessus1