← CVECheck
HomeVulnerabilities

CVE-2002-1745 — HIGH severity vulnerability (Off-by-one error in the CodeBrws.asp sample script in Micros)

Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.

CVE IDCVE-2002-1745
SeverityHIGH
CVSS score7.5
CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWECWE-193
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionOff-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →