CVE-2000-0246

Currently unrated

Key Information:

Vendor: Microsoft
Status: Site Server; Internet Information Services; Proxy Server; Commercial Internet System
Vendor: CVE Published:; 30 March 2000

Summary

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.microsoft.com/technet/support/kb.asp?ID=249599

vendor-advisoryx_refsource_MSKB

http://www.securityfocus.com/bid/1081

vdb-entryx_refsource_BID

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Apr 12, 2000
Vulnerability published
Mar 30, 2000

Collectors

NVD DatabaseMitre Database