Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0191 — Microsoft Internet Information Server vulnerability

4 documents4 sources

Severity

6.4MEDIUMNVD

EPSS

62.0%

top 1.65%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedSep 1

Latest updateApr 30

Description

IIS newdsn.exe CGI script allows remote users to overwrite files.

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

GHSA

GHSA-p6cp-hx87-7342: IIS newdsn↗2022-04-30

▶

CVEList

CVE-1999-0191: IIS newdsn↗1999-09-29

▶

Exploit-DB

Microsoft IIS 3.0 - 'newdsn.exe' File Creation↗1997-08-25

▶