VDB

CVE-2000-0884

CVE-2000-0884 PUBLISHED CVSS 7.5 HIGH

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

EPSS 84.07% · 99.3th percentile

Risk Scores

CVSS 2.0
7.5
EPSS Score
84.07%
99.3th percentile

Affected Products

VendorProductVersions
microsoftinternet_information_services5.0
microsoftinternet_information_server4.0
n/an/an/a

Timeline

  • Dec 19, 2000 CVE Published
  • Sep 23, 2010 PoC Published
  • Feb 4, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Oct 27, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • May 26, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Oct 31, 2023 EPSS Score
  • Feb 13, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›