CVE-2000-0413

CVE-2000-0413 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.

Learn more about our Cis Benchmark Audit For Microsoft Iis.