Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server 3.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0079
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows malicious users to cause a denial of service or execute arbitrary code.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
4 EDB exploits
NA
CVE-2002-0147
Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote malicious users to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2002-0148
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to execute arbitrary script as other users via an HTTP error page.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
1 EDB exploit
NA
CVE-2002-0149
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via long file names.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2002-0150
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote malicious users to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2002-0057
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote malicious users to read arbitrary files by specifying a local file as an XML Data Source.
Microsoft Sql Server 2000
Microsoft Xml Core Services 2.6
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Internet Explorer 6.0
Microsoft Windows Xp
NA
CVE-2001-0333
Directory traversal vulnerability in IIS 5.0 and previous versions allows remote malicious users to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
Microsoft Internet Information Server
Microsoft Internet Information Server 4.0
9 EDB exploits
NA
CVE-2000-0631
An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote malicious users to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
NA
CVE-2000-0649
IIS 4.0 allows remote malicious users to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
1 EDB exploit
1 Metasploit module
8 Github repositories
NA
CVE-2000-0246
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote malicious users to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Microsoft Site Server 3.0
Microsoft Internet Information Services 5.0
Microsoft Proxy Server 2.0
Microsoft Commercial Internet System 2.0
Microsoft Internet Information Server 4.0
Microsoft Commercial Internet System 2.5
Microsoft Site Server Commerce 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »