Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services - vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0246
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote malicious users to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Microsoft Commercial Internet System 2.5
Microsoft Internet Information Server 4.0
Microsoft Site Server Commerce 3.0
Microsoft Internet Information Services 5.0
Microsoft Proxy Server 2.0
Microsoft Site Server 3.0
Microsoft Commercial Internet System 2.0
1 EDB exploit
4.3
CVSSv2
CVE-2002-1700
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote malicious users to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulti...
Macromedia Coldfusion 6.0
Microsoft Internet Information Services 5.0
Microsoft Windows 2000
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2002-0224
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote malicious users to cause a denial of service (crash or hang) via malformed (random) input.
Microsoft Sql Server 2000
Microsoft Sql Server 6.5
Microsoft Sql Server 7.0
Microsoft Internet Information Services 5.0
Microsoft Windows 2000
7.8
CVSSv2
CVE-2007-0087
Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote malicious users to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE:...
Microsoft Internet Information Server
10
CVSSv2
CVE-2008-0075
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 up to and including 6.0 allows remote malicious users to execute arbitrary code via crafted inputs to ASP pages.
Microsoft Internet Information Server 6.0
2.6
CVSSv2
CVE-2003-1582
Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP addresses, allows remote malicious users to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequen...
Microsoft Internet Information Server 6.0
7.5
CVSSv2
CVE-2007-2897
Microsoft Internet Information Services (IIS) 6.0 allows remote malicious users to cause a denial of service (server instability or device hang), and possibly obtain sensitive information (device communication traffic); and might allow attackers with physical access to execute ar...
Microsoft Internet Information Server 6.0
7.5
CVSSv2
CVE-1999-1591
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote malicious users to bypass authentication requirements, as demonstrated by connecting ...
Microsoft Internet Information Server 4.0
Microsoft Visual Interdev 6.0
5
CVSSv2
CVE-2002-0057
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote malicious users to read arbitrary files by specifying a local file as an XML Data Source.
Microsoft Sql Server 2000
Microsoft Internet Explorer 6.0
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 2.6
Microsoft Windows Xp
10
CVSSv2
CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and previous versions allows remote malicious users to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) f...
Microsoft Internet Information Server
Microsoft Index Server 2.0
Microsoft Indexing Service
5 EDB exploits
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »