Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1744


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1744
Last Modified 05 Sep 2008 04:31:24
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).

Vulnerable Systems


  • Microsoft Internet Information Server 5.0


XF - iis-codebrws-view-source(8853)

BID - 4525

Last Updated: 27 May 2016 10:37:28