https://www.exploit-db.com/exploits/19239

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/299/info

The full physical path name for the IIS web server root directory may be obtained by attempting to view a non-existent .IDC file. The web server will return an error message that lists the absolute pathname of the "missing" .IDC file. 

"http://www.someURL.com/hackme.idc"

will return:

Error Performing Query
Error processing file 'c:inetpubscriptssampleshackme.idc'