CVE-2001-0902

3 documents3 sources
Severity
7.5HIGH
EPSS
41.3%
top 2.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Information Services
Timeline
PublishedNov 20
Latest updateApr 30

Description

Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-48gm-cgg2-2h2w: Microsoft IIS 52022-04-30
CVEList
CVE-2001-0902: Microsoft IIS 52004-09-01
CVE-2001-0902 (HIGH CVSS 7.5) | Microsoft IIS 5.0 allows remote att | cvebase.io