CVE-2000-0457
— NVD-CWE-Other
- Published: 2000-05-11T04:00:00.000
- Last modified: 2025-04-03T01:03:51.193
- CWE: NVD-CWE-Other
CVE-2000-0457 — ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability. [Weakness: NVD-CWE-Other]
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No vendor taxonomy on this entry.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the “.HTR File Fragment Reading” or “File Fragment Reading via .HTR” vulnerability.
🧠 Explainer: What this vulnerability means
Summary: The issue in the product by the vendor (CWE: unspecified) may enable attacks.
Impact: Potential impact includes remote code execution, data theft, or denial of service.
Mitigation: Apply the latest vendor patch or update to a fixed version; disable vulnerable modules where possible.
No vendor/product data yet.
- http://marc.info/?l=bugtraq&m=95810120719608&w=2 []
- http://www.securityfocus.com/bid/1193 []
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031 []
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4448 []
- http://marc.info/?l=bugtraq&m=95810120719608&w=2 []
- http://www.securityfocus.com/bid/1193 []
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031 []
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4448 []
No explicit mitigation/advisory links found in references.