CVE-2000-1090

CVE Database · CVE-2000-1090

CVE-2000-1090

· N/AModified

CVSS v3.1

N/A

EPSS

16.66%

Published

Feb 12, 2001

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character.

Affected Products (2)

microsoft · internet_information_servervulnerable

References (6)

http://www.nsfocus.com/english/homepage/sa_08.htm

Broken Link

http://www.securityfocus.com/bid/2100

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/5729

Third Party AdvisoryVDB Entry

http://www.nsfocus.com/english/homepage/sa_08.htm

Broken Link

http://www.securityfocus.com/bid/2100

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/5729

Third Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs