CVE-2000-0330

Windows 95-98 - Command Injection

Title source: llm

Description

The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.

Exploits (2)

exploitdb WORKING POC VERIFIED

by UNYUN · cremotewindows

https://www.exploit-db.com/exploits/19608

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by UNYUN · cremotewindows

https://www.exploit-db.com/exploits/19607

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-049

Scores

EPSS 0.2285

EPSS Percentile 95.9%

Details

Status published

Products (2)

microsoft/windows_95

microsoft/windows_98

Published Nov 12, 1999

Tracked Since Feb 18, 2026