IIS does not properly canonicalize URLs, potentially allowing remote malicious users to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft site server 3.0 |
||
microsoft internet information server 4.0 |
||
microsoft site server commerce 3.0 |