← CVECheck
HomeVulnerabilities

CVE-2000-0884 — HIGH severity vulnerability (IIS 4.0 and 5.0 allows remote attackers to read documents ou)

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

CVE IDCVE-2000-0884
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2000-12-19
Last modified2026-04-16
DescriptionIIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →