Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
internet information services vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1180
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."
Microsoft Internet Information Services 5.0
NA
CVE-2002-1182
IIS 5.0 and 5.1 allows remote malicious users to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned.
Microsoft Internet Information Services 5.0
NA
CVE-2000-0951
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote malicious users to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-1999-0233
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
Microsoft Internet Information Services 1.0
1 EDB exploit
NA
CVE-2002-0422
IIS 5 and 5.1 supporting WebDAV methods allows remote malicious users to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status resp...
Microsoft Internet Information Services 5.0
NA
CVE-2010-2730
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote malicious users to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
Microsoft Internet Information Services 7.5
1 Github repository
NA
CVE-2003-0224
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."
Microsoft Internet Information Services 5.0
NA
CVE-2002-1744
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote malicious users to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot d...
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2007-2815
The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Windows NT ACL configuration, which allows remote malicious users to bypass NTLM and basic authentication mechanisms and access private web dire...
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2002-1908
Microsoft IIS 5.0 and 5.1 allows remote malicious users to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters.
Microsoft Internet Information Services 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »