CVE-1999-1451

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Dec 31, 1999
Updated: Oct 12, 2018

Summary

CVE-1999-1451 is a vulnerability affecting IIS 4.0 and Site Server 3.0. The Winmsdp.exe sample file in these software versions contains a flaw that permits remote attackers to access and read arbitrary files on the targeted system. This issue can lead to the exposure of sensitive data and potential system compromise. Attackers can exploit this vulnerability by sending specially crafted requests to the affected IIS or Site Server, enabling them to bypass access controls and gain unauthorized access to files. Organizations using these outdated versions are encouraged to apply relevant patches or upgrade to newer, more secure software to mitigate the risk of this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share