CVE-2001-0245

3 documents3 sources

Severity

5.0MEDIUM

EPSS

37.4%

top 2.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Index Server

Timeline

PublishedJun 27

Latest updateApr 30

Description

Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/index_server2.0

🔴Vulnerability Details

GHSA

GHSA-4m5w-43cx-p687: Microsoft Index Server 2↗2022-04-30

▶

CVEList

CVE-2001-0245: Microsoft Index Server 2↗2001-09-18

▶