CVE-2001-0986

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/09/2001
Last modified:
03/04/2025

Description

SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:microsoft:index_server:2.0:*:*:*:*:*:*:*