Microsoft IIS and PWS Extended Unicode Directory Traversal Vulnerability

The patch released with the advisory MS00-057 ( eliminates this vulnerability, therefore those who have already applied this patch do not have to take any further action. Otherwise, the patch is available at the following locations:

Microsoft Personal Web Server 4.0

Microsoft IIS 4.0 alpha

Microsoft IIS 4.0

Microsoft IIS 5.0


Privacy Statement
Copyright 2010, SecurityFocus