VDB

GCVE-VVD-CERTCC-2000-35085

GCVE-VVD-CERTCC-2000-35085
Advisory Published
Vulnetix · Advisory published May 11, 2000
A vulnerability exists in Microsoft Internet Information Server (IIS) which could disclose sensitive information contained in CGI-type files. Typically a CGI/script file on a web server should only be executable and not readable by remote users. Sensitive information contained in such a file might include user credentials for access to a back-end database.
Download JSON Open in Console

Risk Scores

certcc-cam
certcc-cam
impact7population11exploitation0widely_known20score_current13.167ease_of_exploitation19

Aliases

CVE-2000-0457

Transitive aliases

GHSA-w5j6-fmxr-5fr8GSD-2000-0457

References

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
advisory
Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
url
Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
url
Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
advisory
Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
advisory
Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›