CVE-1999-0154
CVSS 2.0 Score 5.0 of 10 (medium)
Details
Published Dec 31, 1999
Updated: Aug 17, 2022
Summary
CVE-1999-0154 is a vulnerability affecting Microsoft IIS 2.0 and 3.0 servers. This issue enables remote attackers to access the source code of Active Server Pages (ASP) by simply appending a dot (.) to the URL of the affected page. This security flaw poses a significant risk as attackers can gain valuable insights into the server's inner workings and potentially exploit it further. It is essential for organizations using IIS 2.0 and 3.0 to apply the available patches as soon as possible to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft IIS
Affected Vendors
- Microsoft