CVE-2000-0246 - CVE Details

Description

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

microsoft - commercial_internet_system

Affected Versions:

microsoft - commercial_internet_system

Affected Versions:

microsoft - internet_information_server

Affected Versions:

microsoft - internet_information_services

Affected Versions:

microsoft - proxy_server

Affected Versions:

microsoft - site_server

Affected Versions:

microsoft - site_server_commerce

Affected Versions:

References

http://www.microsoft.com/technet/support/kb.asp?ID=249599
http://www.securityfocus.com/bid/1081
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019
http://www.microsoft.com/technet/support/kb.asp?ID=249599
http://www.securityfocus.com/bid/1081
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019