VYPR
Unrated severityNVD Advisory· Published Feb 12, 2001· Updated Jun 16, 2026

CVE-2000-1090

CVE-2000-1090

Description

Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character.

Affected products

3
  • cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:far_east:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:far_east:*:*:*
    • cpe:2.3:a:microsoft:internet_information_server:5.0:*:*:*:far_east:*:*:*
  • Microsoft/IISllm-fuzzy
    Range: <=5.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.