CVE-2000-0126

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jan 26, 2000
Updated: Nov 20, 2024

Summary

CVE-2000-0126 is a vulnerability affecting Internet Information Services (IIS) versions 3 and 4. Hackers can exploit this issue by using maliciously crafted Internet Data Query (IDQ) scripts to read sensitive files on the targeted system. The vulnerability arises due to inadequate input validation, enabling attackers to traverse directories and access restricted data through a ".. (dot dot)" attack. This security weakness poses a serious risk, allowing unauthorized access and potential data theft.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share