Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
215
VMScore
CVE-2000-0167
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.
Microsoft Internet Information Server 4.0
1 EDB exploit
NA
CVE-2009-1676
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1535. Reason: This candidate is a duplicate of CVE-2009-1535. Notes: All CVE users should reference CVE-2009-1535 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
1 Github repository
1000
VMScore
CVE-2004-1134
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long query string.
Microsoft W3who.dll
1 EDB exploit
715
VMScore
CVE-1999-0725
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote malicious user to view the source code of certain files, a.k.a. "Double Byte Code Page".
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 EDB exploit
755
VMScore
CVE-2009-1122
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote malicious users to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authe...
Microsoft Internet Information Services 5.0
1 EDB exploit
725
VMScore
CVE-2001-0507
IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.
Microsoft Internet Information Services 5.0
1 EDB exploit
1000
VMScore
CVE-2001-0241
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote malicious users to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
Microsoft Windows 2000
7 EDB exploits
510
VMScore
CVE-2009-2521
Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 up to and including 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdire...
Microsoft Internet Information Services
2 EDB exploits
725
VMScore
CVE-2001-0506
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
505
VMScore
CVE-1999-0736
The showcode.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »