What is CVE-2000-0413?

CVE-2000-0413 is a vulnerability in N/a. Published 2000-06-15.

Is CVE-2000-0413 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2000-0413

The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error messa…

EPSS: 0.594 (98.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

adavarski/DevSecOps-pipeline-python
carlregencia/DevSecOps-pipeline-python

References

20000506 shtml.exe reveal local path of IIS web directory (mailing-list, x_refsource_BUGTRAQ)
1174 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2000-0413?: CVE-2000-0413 is a vulnerability in N/a. Published 2000-06-15.
Is CVE-2000-0413 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.