CVE-2000-0246
CVSS 2.0 Score 5.0 of 10 (medium)
Details
Published Mar 30, 2000
Updated: Nov 20, 2024
Summary
CVE-2000-0246 is a vulnerability affecting Internet Information Services (IIS) 4.0 and 5.0. If a virtual directory is mapped to a UNC share in these versions, IIS fails to process ISAPI extensions properly. This issue allows remote attackers to read the source code of ASP and other files, posing a significant security risk. The vulnerability, also known as the "Virtualized UNC Share" vulnerability, underscores the importance of secure configuration and proper handling of UNC shares in web server environments.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft IIS
Affected Vendors
- Microsoft