CVE-1999-0154

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Dec 31, 1999
Updated: Aug 17, 2022

Summary

CVE-1999-0154 is a vulnerability affecting Microsoft IIS 2.0 and 3.0 servers. This issue enables remote attackers to access the source code of Active Server Pages (ASP) by simply appending a dot (.) to the URL of the affected page. This security flaw poses a significant risk as attackers can gain valuable insights into the server's inner workings and potentially exploit it further. It is essential for organizations using IIS 2.0 and 3.0 to apply the available patches as soon as possible to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share