CVE-2001-0276

medium

Description

ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/6130

http://www.badblue.com/p010219.htm

http://marc.info/?l=bugtraq&m=98263019502565&w=2

Details

Source: Mitre, NVD

Published: 2001-05-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.03573