Back
CVE-2000-0858
Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability.
Published: Nov 14, 2000
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (2)
| Vendor | Product | Version |
|---|---|---|
| microsoft | internet_information_server | 4.0 |
| microsoft | windows_nt | 4.0 |
GitHub Security Advisory GHSA-5jwv-6qp2-mgfr
Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in...
References (8)
- http://archives.neohapsis.com/archives/vendor/2000-q3/0065.html Patch, Vendor Advisory
- http://www.securityfocus.com/archive/1/80413 Patch, Vendor Advisory
- http://www.securityfocus.com/bid/1642 Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5202
- http://archives.neohapsis.com/archives/vendor/2000-q3/0065.html Patch, Vendor Advisory
- http://www.securityfocus.com/archive/1/80413 Patch, Vendor Advisory
- http://www.securityfocus.com/bid/1642 Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5202
Risk Scores
CVSS Score
5.0 / 10
EPSS Score
20.40%
Top 4% most likely to be exploited
Threat Score
26.1 / 100
Data Sources
NVD
EPSS
GitHub