CVE-2000-0304
CVSS 2.0 Score 5.0 of 10 (medium)
Details
Published May 10, 2000
Updated: Nov 20, 2024
Summary
CVE-2000-0304 designates a vulnerability in Microsoft IIS 4.0 and 5.0 servers with the IISADMPWD virtual directory installed. This issue permits a remote attacker to trigger a denial-of-service condition by sending malformed requests to the inetinfo.exe program, also known as the "Undelimited .HTR Request" vulnerability. Attackers can exploit this flaw to cause the server to become unresponsive or cease functioning, disrupting services and potentially causing significant downtime.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft IIS
Affected Vendors
- Microsoft