CVE-2000-0246
— NVD-CWE-Other
- Published: 2000-03-30T05:00:00.000
- Last modified: 2025-04-03T01:03:51.193
- CWE: NVD-CWE-Other
CVE-2000-0246 — IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability. [Weakness: NVD-CWE-Other]
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No vendor taxonomy on this entry.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the “Virtualized UNC Share” vulnerability.
🧠 Explainer: What this vulnerability means
Summary: The issue in the product by the vendor (CWE: unspecified) may enable attacks.
Impact: Potential impact includes remote code execution, data theft, or denial of service.
Mitigation: Until patched, restrict exposure, enforce least privilege, and monitor for suspicious activity.
No vendor/product data yet.
- http://www.microsoft.com/technet/support/kb.asp?ID=249599 []
- http://www.securityfocus.com/bid/1081 []
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019 []
- http://www.microsoft.com/technet/support/kb.asp?ID=249599 []
- http://www.securityfocus.com/bid/1081 []
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019 []
No explicit mitigation/advisory links found in references.