Описание
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10167
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-193
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
EPSS
Процентиль: 93%
0.10167
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-193