Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and previous versions allows remote malicious users to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) f...
Microsoft Internet Information Server
Microsoft Index Server 2.0
Microsoft Indexing Service
5 EDB exploits
1 Github repository
10
CVSSv2
CVE-1999-0233
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
Microsoft Internet Information Services 1.0
1 EDB exploit
9.3
CVSSv2
CVE-2019-1057
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
1 Article
9.3
CVSSv2
CVE-2010-2730
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote malicious users to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
Microsoft Internet Information Services 7.5
1 Github repository
9
CVSSv2
CVE-2009-3023
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 up to and including 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP ...
Microsoft Internet Information Server
3 EDB exploits
9
CVSSv2
CVE-2008-1446
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 up to and including 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitra...
Microsoft Internet Information Services
9
CVSSv2
CVE-2008-1436
Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent malicious users to gain privileges by using one service process to capture a res...
Microsoft Windows Server 2003
Microsoft Windows Vista -
Microsoft Windows-nt Vista
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Xp
1 EDB exploit
7.8
CVSSv2
CVE-2009-1926
Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote malicious users to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive windo...
Microsoft Windows Xp
Microsoft Windows Server 2008 -
Microsoft Windows Vista
Microsoft Windows Vista -
Microsoft Windows 2000 -
Microsoft Windows Server 2003
Microsoft Windows Server 2008
7.8
CVSSv2
CVE-2007-0087
Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote malicious users to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE:...
Microsoft Internet Information Server
7.8
CVSSv2
CVE-2005-4360
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote malicious users to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes n...
Microsoft Internet Information Services 5.1
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »