CVE-1999-0725
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-1999-0725
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft IIS 3.0/4.0"%81"ASP源码泄露漏洞(MS99-022)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IIS 是一个非常流行的Internet Web服务器产品,随Windows NT捆绑销售。 中文版、日文版、韩文版等双字节语言版本的IIS 3.0和4.0存在一个问题,在HTTP请求中CGI文件名后面加上"%81"就可以显示出文件的源代码,而不是执行。 该问题是一个输入验证错误。IIS是通过文件扩展名来决定将一个文件内容直接显示出来还是作为脚本执行的。对于asp文件,如果请求中的扩展名是".asp"那么IIS可以正确处理。如果将扩展名后面加一个"%81",IIS将不认为这是一个ASP文件,也就不会执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-1999-0725
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-1999-0725
请登录查看更多情报信息。
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ233335vendor-advisoryx_refsource_MSKB
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-022vendor-advisoryx_refsource_MS
- https://nvd.nist.gov/vuln/detail/CVE-1999-0725
Same Patch Batch · n/a · 2000-01-04 · 152 CVEs total
| CVE-1999-0869 | Microsoft Internet Explorer 安全漏洞 | |
| CVE-1999-0907 | Sccw 安全漏洞 | |
| CVE-1999-0902 | ypserv 安全漏洞 | |
| CVE-1999-0901 | ypserv 安全漏洞 | |
| CVE-1999-0900 | rpc 安全漏洞 | |
| CVE-1999-0894 | Red Hat Linux screen program 安全漏洞 | |
| CVE-1999-0892 | Netscape Communicator 安全漏洞 | |
| CVE-1999-0891 | Microsoft Internet Explorer 代码注入漏洞 | |
| CVE-1999-0887 | FTGate网界面服务器路径遍历漏洞 | |
| CVE-1999-0886 | NT RASMAN权限升级漏洞 | |
| CVE-1999-0884 | Zeus Webserver可能的远程根妥协 | |
| CVE-1999-0883 | Zeus Webserver可能的远程根妥协 | |
| CVE-1999-0880 | WU-FTPD 安全漏洞 | |
| CVE-1999-0879 | WU-FTPD和相关FTP服务器安全漏洞 | |
| CVE-1999-0878 | Multiple Vendor Wu-Ftpd缓冲区溢出漏洞 | |
| CVE-1999-0877 | Microsoft Internet Explorer 信息泄露漏洞 | |
| CVE-1999-0876 | Microsoft Internet Explorer 缓冲区错误漏洞 | |
| CVE-1999-0871 | Microsoft Internet Explorer 安全漏洞 | |
| CVE-1999-0870 | Microsoft Internet Explorer 安全漏洞 | |
| CVE-1999-0833 | 多家厂商BIND NXT远程缓冲区溢出漏洞 |
Showing top 20 of 152 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-1999-0725
No comments yet