Back to search
CVE-2000-0457
Published: Mar 9, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20000511 Alert: IIS ism.dll exposes file contents
mailing-list
x_refsource_BUGTRAQ
MS00-031
vendor-advisory
x_refsource_MS
iis-ism-file-access(4448)
vdb-entry
x_refsource_XF
1193
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now