CVE-2000-0457
IIS 4.0-5.0 - Info Disclosure
Title source: llmDescription
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Cerberus Security Team · textremotewindows
https://www.exploit-db.com/exploits/19908
References (4)
Scores
EPSS
0.8438
EPSS Percentile
99.3%
Details
Status
published
Products (2)
microsoft/internet_information_server
4.0
microsoft/internet_information_services
5.0
Published
May 11, 2000
Tracked Since
Feb 18, 2026