Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2532
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote malicious users to obtain sensitive information by reading the replies to these commands, aka "FTP Command Inject...
Microsoft Ftp Service 7.0
Microsoft Ftp Service 7.5
NA
CVE-2012-4591
About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 discloses the name of the user account for an IIS worker process, which allows remote malicious users to obtain potentially sensitive information by visiting this page.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
NA
CVE-2009-0693
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote malicious users to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
Dell Wyse Device Manager 4.7.2
Dell Wyse Device Manager 4.7.0
Dell Wyse Device Manager 4.7.1
1 EDB exploit
NA
CVE-2009-0695
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote malicious users to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
Dell Wyse Device Manager 4.7.1
Dell Wyse Device Manager 4.7.2
Dell Wyse Device Manager 4.7.0
2 EDB exploits
NA
CVE-2012-1821
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.700x on Windows Server 2003 allows remote malicious users to cause a denial of service (web-server outage, or daemon crash or hang) via a flood o...
Symantec Endpoint Protection 11.0.7100
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 11.0.7000
NA
CVE-2011-2012
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote malicious users to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash.&...
Microsoft Forefront Unified Access Gateway 2010
NA
CVE-2011-3140
IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote malicious users to bypass intended intrusion prevent...
Ibm Web Application Firewall -
Ibm G400 Ips-g400-ib-1 Appliance 31.030
Ibm Gx4004 Ips-gx4004-ib-2 Appliance 31.030
NA
CVE-2011-1068
Microsoft Windows Azure Software Development Kit (SDK) 1.3.x prior to 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote malicious users to obtain potentially s...
Microsoft Windows Azure Sdk 1.3
NA
CVE-2010-3972
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote malicious users to execute arbitrary code or cause a denial of service (daemon c...
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
NA
CVE-2010-0112
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager prior to 8.4.16 allow remote malicious users to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition fu...
Symantec Im Manager 8.4.7
Symantec Im Manager 8.4.8
Symantec Im Manager 6.0
Symantec Im Manager 6.5
Symantec Im Manager 8.3
Symantec Im Manager 8.4.9
Symantec Im Manager 8.4.10
Symantec Im Manager 7.0
Symantec Im Manager 7.5
Symantec Im Manager 8.4.0
Symantec Im Manager 8.4.1
Symantec Im Manager 8.4.2
Symantec Im Manager 8.4.11
Symantec Im Manager 8.4.12
Symantec Im Manager 8.4.5
Symantec Im Manager 8.4.6
Symantec Im Manager 8.4.13
Symantec Im Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »