CVE-1999-0278

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jun 1, 1998
Updated: Oct 12, 2018

Summary

CVE-1999-0278 is a vulnerability affecting Microsoft's Internet Information Services (IIS). Attackers can exploit this issue by appending "::$DATA" to the URL of an Active Server Pages (ASP) file, allowing them to obtain the source code of the file remotely. This poses a significant security risk, as sensitive data and intellectual property could be accessed without authorization. IIS users are urged to patch their systems as soon as possible to mitigate this threat. This vulnerability was discovered in 1999 and has since been addressed through software updates.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows NT
  • Microsoft IIS

Affected Vendors

  • Microsoft