Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0408
IIS 4.05 and 5.0 allow remote malicious users to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2010-1899
Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote malicious users to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter...
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
NA
CVE-2002-1181
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 up to and including 5.1 allow remote malicious users to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.5
CVSSv3
CVE-2000-0258
IIS 4.0 and 5.0 allows remote malicious users to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2000-0304
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote malicious user to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2005-2678
Microsoft IIS 5.1 and 6 allows remote malicious users to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
NA
CVE-2001-0004
IIS 5.0 and 4.0 allows remote malicious users to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via ....
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2003-0718
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote malicious users to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of...
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2001-0096
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote malicious users to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2003-0223
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote malicious users to embed a URL containing script in a redirection message.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »