CVE-2000-0024
published 1999-12-21CVE-2000-0024: IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka…
medium6.4CVSS 3.1
AVNACLAuNCPIPAN
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_information_server | — | — |
| microsoft | site_server | — | — |
| microsoft | site_server_commerce | — | — |