CVE

Id
2511  
CVE No.
CVE-2000-0942  
Status
Entry  
Description
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.  
Phase
 
Votes
 
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
9571 2511 CVE-2000-0942 BUGTRAQ:20001028 IIS 5.0 cross site scripting vulnerability - using .htw  View
9572 2511 CVE-2000-0942 URL:http://www.securityfocus.com/archive/1/141903  View
9573 2511 CVE-2000-0942 MS:MS00-084  View
9574 2511 CVE-2000-0942 URL:http://www.microsoft.com/technet/security/bulletin/MS00-084.asp  View
9575 2511 CVE-2000-0942 BID:1861  View
9576 2511 CVE-2000-0942 URL:http://www.securityfocus.com/bid/1861  View
9577 2511 CVE-2000-0942 XF:iis-htw-cross-scripting  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
64306 JVNDB-2000-000086 Microsoft Windows の Indexing Service におけるクロスサイトスクリプティングの脆弱性 Microsoft Windows の Indexing Service には、Indexing Service のコンポーネントが特別に作成した CiWebHitsFile という URL から、.htw や .hta といった拡張子のスクリプトを含むリクエストが実行されてしまう脆弱性が存在します。 CVE-2000-0942 2511 5.1 http://jvndb.jvn.jp/ja/contents/2000/JVNDB-2000-000086.html  View