Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server 3.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0150
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote malicious users to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
7.5
CVSSv2
CVE-2001-0333
Directory traversal vulnerability in IIS 5.0 and previous versions allows remote malicious users to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
Microsoft Internet Information Server
Microsoft Internet Information Server 4.0
9 EDB exploits
7.5
CVSSv2
CVE-1999-0412
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
1 EDB exploit
7.5
CVSSv2
CVE-1999-0349
A buffer overflow in the FTP list (ls) command in IIS allows remote malicious users to conduct a denial of service and, in some cases, execute arbitrary commands.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
7.5
CVSSv2
CVE-1999-0450
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
1 EDB exploit
7.5
CVSSv2
CVE-1999-0253
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Services 1.0
Microsoft Internet Information Services 2.0
7.1
CVSSv2
CVE-2014-0266
The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow rem...
Microsoft Windows Xp -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Rt -
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Vista -
Microsoft Windows 8 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2003 -
7.1
CVSSv2
CVE-2008-4609
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote malicious users to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate info...
Cisco Ios 12.0(16)sc3
Cisco Ios 12.2(3.4)bp
Cisco Ios 11.2xa
Cisco Ios 12.4(2)t2
Cisco Ios 12.3ym
Cisco Ios 11.3(11b)
Linux Linux Kernel 2.3.19
Cisco Ios 12.0(21)s7
Bsdi Bsd Os 1.1
Cisco Ios 12.1(2)e1
Cisco Ios 12.1xg
Cisco Ios 12.1(19)ew
Cisco Ios 12.3(14)ym4
Cisco Ios 12.0(8)s1
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.3.31
Cisco Ios 12.2(7b)
Linux Linux Kernel 2.0.30
Cisco Ios 12.0xc
Cisco Ios 12.3yq
Cisco Ios 10.0
Cisco Ios 12.3(10)
1 Github repository
7.1
CVSSv2
CVE-1999-0725
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote malicious user to view the source code of certain files, a.k.a. "Double Byte Code Page".
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 EDB exploit
6.8
CVSSv2
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »