Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0942

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2000-0942
Last Modified 05 Sep 2008 04:22:15
Published 19 Dec 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2000-0942

Summary

The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.

Vulnerable Systems

Application

  • Microsoft Indexing Service


References

BID - 1861

MS - MS00-084

XF - iis-htw-cross-scripting

BUGTRAQ - 20001028 IIS 5.0 cross site scripting vulnerability - using .htw


Last Updated: 27 May 2016 10:35:56