Unrated severityNVD Advisory· Published Jun 10, 2009· Updated Jun 16, 2026
CVE-2009-1122
CVE-2009-1122
Description
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1535.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-020nvdPatchVendor Advisory
- www.attrition.org/pipermail/vim/2009-June/002192.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/35232nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA09-160A.htmlnvdThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2009/1539nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5861nvdThird Party Advisory
News mentions
0No linked articles in our index yet.