CVE-1999-0278
CVSS 2.0 Score 5 of 10 (medium)
Details
Summary
CVE-1999-0278 is a vulnerability affecting Microsoft's Internet Information Services (IIS). Attackers can exploit this issue by appending "::$DATA" to the URL of an Active Server Pages (ASP) file, allowing them to obtain the source code of the file remotely. This poses a significant security risk, as sensitive data and intellectual property could be accessed without authorization. IIS users are urged to patch their systems as soon as possible to mitigate this threat. This vulnerability was discovered in 1999 and has since been addressed through software updates.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows NT
- Microsoft IIS
Affected Vendors
- Microsoft