Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft index server 2.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and previous versions allows remote malicious users to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) f...
Microsoft Internet Information Server
Microsoft Index Server 2.0
Microsoft Indexing Service
5 EDB exploits
1 Github repository
10
CVSSv2
CVE-1999-1011
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote malicious users to execute arbitrary commands.
Microsoft Index Server 2.0
Microsoft Internet Information Server 3.0
Microsoft Data Access Components 2.0
Microsoft Data Access Components 2.1
Microsoft Data Access Components 1.5
Microsoft Internet Information Server 4.0
Microsoft Site Server 3.0
2 EDB exploits
1 Article
7.5
CVSSv2
CVE-2001-0244
Buffer overflow in Microsoft Index Server 2.0 allows remote malicious users to execute arbitrary commands via a long search parameter.
Microsoft Index Server 2.0
7.5
CVSSv2
CVE-1999-1397
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
Microsoft Index Server 2.0
5.4
CVSSv2
CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Intel Core I3 6006u
Intel Core I3 6098p
Intel Core I3 6102e
Intel Core I3 6157u
Intel Core I5 661
Intel Core I5 670
Intel Core I5 6300u
Intel Core I5 6350hq
Intel Core I5 6442eq
Intel Core I5 6500
Intel Core I5 6500t
Intel Core I7 610e
Intel Core I7 620le
Intel Core I7 640um
Intel Core I7 660lm
Intel Core I3 6100h
Intel Core I3 6100t
Intel Core I3 6320
Intel Core I5 650
Intel Core I3 6100te
Intel Core I3 6100u
Intel Core I5 655k
2 Articles
5
CVSSv2
CVE-2001-0986
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote malicious users to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fil...
Microsoft Index Server 2.0
1 EDB exploit
5
CVSSv2
CVE-2001-0245
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote malicious users to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability.
Microsoft Index Server 2.0
Microsoft Indexing Service
5
CVSSv2
CVE-2000-0302
Microsoft Index Server allows remote malicious users to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL.
Microsoft Index Server 2.0
1 EDB exploit
5
CVSSv2
CVE-2000-0097
The WebHits ISAPI filter in Microsoft Index Server allows remote malicious users to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.
Microsoft Index Server 2.0
1 EDB exploit
5
CVSSv2
CVE-2000-0126
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote malicious users to read files via a .. (dot dot) attack.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »