Version: 2008
advertisement
Click Here

Microsoft IIS4 "Cross-Site Scripting" Vulnerability Patch (MS00-060)

  • Quick specs
  • Price: Free
  • Operating system:
  • Date added: November 08, 2000
  • Total Downloads: 2,106
  • Downloads last week: 1
  • See full specifications
Add to my list Add to my Watch List
Download Now (473.22K)
Tested spyware free

Publisher's description

From Microsoft :

This patch eliminates security vulnerabilities in the Microsoft Internet Information Server. The vulnerabilities could allow a malicious Web site operator to misuse another Web site as a means of attacking users. This vulnerability, known as Cross-Site Scripting (CSS), results when Web applications don't properly validate inputs before using them in dynamic Web pages. If malicious Web site operators were able to lure a user to their site, and had identified a third-party Web site that was vulnerable to CSS, they could potentially use the vulnerability to ""inject"" script into a Web page created by the other Web site, which would then be delivered to the user. The net effect would be to cause the malicious user's script to run on the user's machine. The vulnerability can affect any software that runs on a Web server, accepts user input, and blindly uses it to generate Web pages. Microsoft recommends that all vendors check their products to see if any are affected by the vulnerability, and initiated a check of its own products, as well. Several features in IIS were found to be affected--some were found by Microsoft internal teams, and others were identified by customers--and this patch eliminates all of them.

Read the FAQ for more information.

Microsoft My Phone
Connect your phone to the Web to back up the phone, share photos, or access contacts or text messages
Download Now

More popular Corporate Security Software downloads

  1. 2,172 downloads 1. Folder Guard
  2. 896 downloads 2. L0phtCrack
  3. 737 downloads 3. McAfee Total Protection for Small Business
  4. 652 downloads 4. Spyware Doctor Enterprise Free Edition
  5. 363 downloads 5. Wireshark
  6. See all Corporate Security Software downloads
PC Starter Kit
Because what good is a new computer without the right software?
Download Now

User reviews

Write your own review Be the first one to review Microsoft IIS4 "Cross-Site Scripting" Vulnerability Patch (MS00-060) and share your experience with the CNET community!
Previous versions: See all user reviews

Submit your review

Log in or create an account to submit your review for:

Microsoft IIS4 "Cross-Site Scripting" Vulnerability Patch (MS00-060)

 ORLog in with your Facebook account
1. Rate this product:
(Mouse over the stars to rate this product and click to set your rating.)
2. One-line summary:(Summarize your review in one line. 10 characters minimum; required.)
0 of 55 characters
3. Pros:(Tell us what you like about this product. 10 characters minimum; required.)
0 of 250 characters
4. Cons:(Tell us what you don't like about this product. 10 characters minimum; required.)
0 of 250 characters
Bottom-line summary:(Explain to us in detail why you like or dislike the product, focusing your comments on the product's features and functionality, and your experience using the product. This field is optional.)
0 of 5000 characters

The posting of advertisements, profanity, or personal attacks are prohibited.
Click here to review our site terms of use.

Submit
See more CNET content tagged:
CSS,
Microsoft Corp.,
Microsoft IIS Server,
XSS,
vulnerability

Previous Versions:


advertisement
Click Here
download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET API
About CNET