Vulnerability Description
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Information Server | 3.0 |
References
- http://marc.info/?l=ntbugtraq&m=91877455626320&w=2
- http://www.securityfocus.com/bid/230ExploitVendor Advisory
- http://marc.info/?l=ntbugtraq&m=91877455626320&w=2
- http://www.securityfocus.com/bid/230ExploitVendor Advisory
FAQ
What is CVE-1999-1375?
CVE-1999-1375 is a vulnerability with a CVSS score of 5.0 (MEDIUM). FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
How severe is CVE-1999-1375?
CVE-1999-1375 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1375?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Information Server.