← CVECheck
HomeVulnerabilities

CVE-2000-0246 — MEDIUM severity vulnerability (IIS 4.0 and 5.0 does not properly perform ISAPI extension pr)

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

CVE IDCVE-2000-0246
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2000-03-30
Last modified2026-04-16
DescriptionIIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →