CVE-2000-0240

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Mar 21, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0240 is a vulnerability in the vqServer program by vqSoft. Attackers can exploit this issue by manipulating the URL with a "..\.." sequence, which is a form of dot-dot-slash attack. This vulnerability enables unauthorized reading of arbitrary files on the affected system. An attacker could potentially gain sensitive information or execute malicious code by exploiting this security weakness. Users are advised to patch their vqServer software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlVrs
https://www.cve.org/CVERecord?id=CVE-2000-0240
https://nvd.nist.gov/vuln/detail/CVE-2000-0240

Back to Vulnerability Database

CVE-2000-0240

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations