Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft indexing service vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-1105
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.
Microsoft Indexing Service
1 EDB exploit
NA
CVE-2000-0942
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote malicious users to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
Microsoft Indexing Service
1 EDB exploit
NA
CVE-2001-0245
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote malicious users to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability.
Microsoft Indexing Service
Microsoft Index Server 2.0
NA
CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and previous versions allows remote malicious users to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) f...
Microsoft Internet Information Server
Microsoft Indexing Service
Microsoft Index Server 2.0
5 EDB exploits
1 Github repository
NA
CVE-2006-0032
Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote malicious users to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an...
Microsoft Windows 2003 Server Datacenter Edition Itanium
Microsoft Windows 2003 Server Web
Microsoft Windows 2003 Server Datacenter Edition
Microsoft Windows 2003 Server Standard
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2000
Microsoft Windows 2003 Server Standard 64-bit
Microsoft Windows 2003 Server R2
Microsoft Windows 2000 Resource Kit
Microsoft Windows 2003 Server Sp1
Microsoft Windows 2003 Server Enterprise Edition Itanium
Microsoft Windows 2003 Server Enterprise Edition
1 EDB exploit
NA
CVE-2004-0897
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote malicious users to execute arbitrary code via a buffer overflow attack.
Microsoft Windows 2003 Server R2
Microsoft Windows Xp
NA
CVE-2000-0097
The WebHits ISAPI filter in Microsoft Index Server allows remote malicious users to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.
Microsoft Index Server 2.0
1 EDB exploit
NA
CVE-2011-2004
Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote malicious users to cause a denial of service (reboot) via a crafted TrueType font file, aka "TrueType Font Parsing Vulnerability...
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
NA
CVE-2009-2507
A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote malicious users to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary"...
Microsoft Windows 2003 Server
Microsoft Windows Xp
Microsoft Windows Xp -
Microsoft Windows 2000
5.5
CVSSv3
CVE-2019-1787
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability ...
Clamav Clamav
Debian Debian Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »