CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0413

The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.594

EPSS Ranking 98.1%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2000-0413

Microsoft » Frontpage » Version: N/A

cpe:2.3:a:microsoft:frontpage:-
Microsoft » Frontpage » Version: 2000

cpe:2.3:a:microsoft:frontpage:2000
Microsoft » Frontpage » Version: 2002

cpe:2.3:a:microsoft:frontpage:2002
Microsoft » Frontpage » Version: 2003

cpe:2.3:a:microsoft:frontpage:2003
Microsoft » Frontpage » Version: 97

cpe:2.3:a:microsoft:frontpage:97
Microsoft » Frontpage » Version: 98

cpe:2.3:a:microsoft:frontpage:98
Microsoft » Internet Information Server » Version: 4.0

cpe:2.3:a:microsoft:internet_information_server:4.0
Microsoft » Internet Information Services » Version: 5.0

cpe:2.3:a:microsoft:internet_information_services:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0413

Products

Pricing

Contact Us