GCVE-VVD-CERTCC-2000-35085 — Vulnetix

Try Vulnetix Request Demo

GCVE-VVD-CERTCC-2000-35085

Advisory Published

Vulnetix · Advisory published May 11, 2000

A vulnerability exists in Microsoft Internet Information Server (IIS) which could disclose sensitive information contained in CGI-type files. Typically a CGI/script file on a web server should only be executable and not readable by remote users. Sensitive information contained in such a file might include user credentials for access to a back-end database.

Download JSON Open in Console

Risk Scores

certcc-cam

certcc-cam

impact7population11exploitation0widely_known20score_current13.167ease_of_exploitation19

Aliases

Transitive aliases

GHSA-w5j6-fmxr-5fr8 GSD-2000-0457

References

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

advisory

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

url

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

url

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

advisory

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

advisory

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON