IIS 4.0 and 5.0 allows remote malicious users to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet information server 4.0 |
||
microsoft internet information services 5.0 |