CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2000-0770

IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 81.0%

CVSS Severity

CVSS v2 Score 6.4

References

http://www.securityfocus.com/bid/1565
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-057
http://www.securityfocus.com/bid/1565
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-057

Products affected by CVE-2000-0770

Microsoft » Internet Information Server » Version: 4.0

cpe:2.3:a:microsoft:internet_information_server:4.0
Microsoft » Internet Information Services » Version: 5.0

cpe:2.3:a:microsoft:internet_information_services:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0770

Products

Pricing

Contact Us