Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-1999-1591
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote malicious users to bypass authentication requirements, as demonstrated by connecting ...
Microsoft Internet Information Server 4.0
Microsoft Visual Interdev 6.0
4.3
CVSSv2
CVE-2005-2089
Microsoft IIS 5.0 and 6.0 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes IIS to inco...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 6.0
6
CVSSv2
CVE-2009-4444
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote malicious users to bypass intended extension restrictions of third-party upload applications via a f...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 6.0
5
CVSSv2
CVE-2009-2521
Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 up to and including 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdire...
Microsoft Internet Information Services
2 EDB exploits
5
CVSSv2
CVE-2002-0224
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote malicious users to cause a denial of service (crash or hang) via malformed (random) input.
Microsoft Sql Server 2000
Microsoft Sql Server 6.5
Microsoft Sql Server 7.0
Microsoft Internet Information Services 5.0
Microsoft Windows 2000
10
CVSSv2
CVE-1999-0874
Buffer overflow in IIS 4.0 allows remote malicious users to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
Microsoft Internet Information Server 4.0
Microsoft Windows Nt 4.0
Microsoft Windows Nt
Microsoft Windows 2000
5 EDB exploits
10
CVSSv2
CVE-1999-0233
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
Microsoft Internet Information Services 1.0
1 EDB exploit
5
CVSSv2
CVE-1999-0012
Some web servers under Microsoft Windows allow remote malicious users to bypass access restrictions for files with long file names.
Netscape Fasttrack Server 3.01
Microsoft Personal Web Server 4.0
Netscape Enterprise Server 3.0
Microsoft Internet Information Server 4.0
Netscape Fasttrack Server 2.01
Microsoft Frontpage
5
CVSSv2
CVE-2002-1718
Microsoft Internet Information Server (IIS) 5.1 may allow remote malicious users to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
Microsoft Internet Information Services 5.1
10
CVSSv2
CVE-2003-0224
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."
Microsoft Internet Information Services 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »