CVE-1999-1375

FileSystemObject - Info Disclosure

Title source: llm

Description

FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gary Geisbert · textremotemultiple

https://www.exploit-db.com/exploits/19194

View Code ZIP pw:eip

References (2)

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/230

[Mailing List] http://marc.info/?l=ntbugtraq&m=91877455626320&w=2

Scores

EPSS 0.7404

EPSS Percentile 98.8%

Details

Status published

Products (2)

microsoft/internet_information_server 3.0

microsoft/internet_information_server 4.0

Published Feb 11, 1999

Tracked Since Feb 18, 2026