CVE-2000-0114

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Feb 2, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0114 is a vulnerability affecting the Frontpage Server Extensions. An attacker can leverage an RPC POST request to the shtml.dll file in the /_vti_bin/ virtual directory to determine the name of the anonymous account. This issue poses a risk for unauthorized access and information disclosure. The Frontpage Server Extensions should be updated or uninstalled to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft IIS

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlVq9
https://www.cve.org/CVERecord?id=CVE-2000-0114
https://nvd.nist.gov/vuln/detail/CVE-2000-0114

Back to Vulnerability Database