• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
Date Entry Created
20010618 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20020223-01)
Votes (Legacy)
ACCEPT(4) Bishop, Cole, Frech, Ziese
NOOP(2) Foat, Wall
Comments (Legacy)
Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.