CVE-2000-1105

IXSso.query - Info Disclosure

Title source: llm

Description

The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Georgi Guninski · htmlremotewindows

https://www.exploit-db.com/exploits/20399

View Code ZIP pw:eip

References (3)

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/1933

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/144270

[Exploit, Patch, Vendor Advisory] http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0074.html

Scores

EPSS 0.3144

EPSS Percentile 96.8%

Details

Status published

Products (1)

microsoft/indexing_service

Published Jan 09, 2001

Tracked Since Feb 18, 2026