Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-1821
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.700x on Windows Server 2003 allows remote malicious users to cause a denial of service (web-server outage, or daemon crash or hang) via a flood o...
Symantec Endpoint Protection 11.0.7100
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 11.0.7000
5
CVSSv2
CVE-2011-2012
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote malicious users to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash.&...
Microsoft Forefront Unified Access Gateway 2010
5
CVSSv2
CVE-2011-3140
IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote malicious users to bypass intended intrusion prevent...
Ibm Web Application Firewall -
Ibm G400 Ips-g400-ib-1 Appliance 31.030
Ibm Gx4004 Ips-gx4004-ib-2 Appliance 31.030
2.6
CVSSv2
CVE-2011-1068
Microsoft Windows Azure Software Development Kit (SDK) 1.3.x prior to 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote malicious users to obtain potentially s...
Microsoft Windows Azure Sdk 1.3
10
CVSSv2
CVE-2010-3972
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote malicious users to execute arbitrary code or cause a denial of service (daemon c...
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2010-0112
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager prior to 8.4.16 allow remote malicious users to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition fu...
Symantec Im Manager 8.4.7
Symantec Im Manager 8.4.8
Symantec Im Manager 6.0
Symantec Im Manager 6.5
Symantec Im Manager 8.3
Symantec Im Manager 8.4.9
Symantec Im Manager 8.4.10
Symantec Im Manager 7.0
Symantec Im Manager 7.5
Symantec Im Manager 8.4.0
Symantec Im Manager 8.4.1
Symantec Im Manager 8.4.2
Symantec Im Manager 8.4.11
Symantec Im Manager 8.4.12
Symantec Im Manager 8.4.5
Symantec Im Manager 8.4.6
Symantec Im Manager 8.4.13
Symantec Im Manager
7.1
CVSSv2
CVE-2010-3229
The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote malicious users ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows 7
Microsoft Windows Vista
6.4
CVSSv2
CVE-2010-3332
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote malicious users to decrypt and modify encrypted Vie...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
3 EDB exploits
1 Github repository
9.3
CVSSv2
CVE-2010-2730
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote malicious users to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
Microsoft Internet Information Services 7.5
1 Github repository
6.8
CVSSv2
CVE-2010-2731
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote malicious users to bypass intended access restrictions and execute ASP files via a crafted request, aka "Dire...
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »