Vulnerability Details CVE-2001-0902
Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.18
EPSS Ranking 94.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=100626531103946&w=2
- http://marc.info/?l=ntbugtraq&m=100627497122247&w=2
- http://www.securityfocus.com/bid/6795
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7613
- http://marc.info/?l=bugtraq&m=100626531103946&w=2
- http://marc.info/?l=ntbugtraq&m=100627497122247&w=2
- http://www.securityfocus.com/bid/6795
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7613
Products affected by CVE-2001-0902
-
cpe:2.3:a:microsoft:internet_information_services:5.0