Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services 5.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0630
IIS 4.0 and 5.0 allows remote malicious users to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
1 EDB exploit
6.8
CVSSv2
CVE-2002-1181
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 up to and including 5.1 allow remote malicious users to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
6.4
CVSSv2
CVE-2000-0770
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote malicious users to bypass access restrictions to some files, aka the "File Permission Canonicalization" vuln...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
6.5
CVSSv2
CVE-2006-0026
Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote malicious users to execute arbitrary code via crafted Active Server Pages (ASP).
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2002-0869
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 up to and including 5.1 allows remote malicious users to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out o...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
7.5
CVSSv2
CVE-2000-0884
IIS 4.0 and 5.0 allows remote malicious users to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
9 EDB exploits
2 Github repositories
5
CVSSv2
CVE-2000-0258
IIS 4.0 and 5.0 allows remote malicious users to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
5
CVSSv2
CVE-2000-0071
IIS 4.0 allows a remote malicious user to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
5
CVSSv2
CVE-2000-0631
An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote malicious users to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »