Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1181
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 up to and including 5.1 allow remote malicious users to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2003-0718
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote malicious users to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of...
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2008-0074
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 up to and including 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 6.0
NA
CVE-2005-2678
Microsoft IIS 5.1 and 6 allows remote malicious users to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
NA
CVE-2002-0419
Information leaks in IIS 4 up to and including 5.1 allow remote malicious users to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the re...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2001-0004
IIS 5.0 and 4.0 allows remote malicious users to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via ....
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2000-0770
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote malicious users to bypass access restrictions to some files, aka the "File Permission Canonicalization" vuln...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2000-0457
ISM.DLL in IIS 4.0 and 5.0 allows remote malicious users to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR&...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2006-0026
Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote malicious users to execute arbitrary code via crafted Active Server Pages (ASP).
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »