Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4445
Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote malicious users to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a saf...
Microsoft Internet Information Services
NA
CVE-2009-2509
Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly validate headers in HTTP requests, which allows remote authenticated users to execute arbitrary code via a crafted request to an IIS web server, aka &qu...
Microsoft Windows Server 2008
Microsoft Windows Server 2003
NA
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
NA
CVE-2009-2521
Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 up to and including 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdire...
Microsoft Internet Information Services
2 EDB exploits
NA
CVE-2009-3023
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 up to and including 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP ...
Microsoft Internet Information Server
3 EDB exploits
NA
CVE-2009-1536
ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote malicious users to cause a denial of service (daemon outage) via a series of crafted HTTP...
Microsoft .net Framework 3.5
Microsoft Windows Vista -
Microsoft .net Framework 2.0
Microsoft Windows Server 2008 -
Microsoft Windows Vista
NA
CVE-2009-1122
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote malicious users to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authe...
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2009-1535
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote malicious users to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as...
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
2 EDB exploits
NA
CVE-2009-1676
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1535. Reason: This candidate is a duplicate of CVE-2009-1535. Notes: All CVE users should reference CVE-2009-1535 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
1 Github repository
NA
CVE-2009-1012
Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote malicious users to affect confidentiality, integrity, a...
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 9.2
Oracle Bea Product Suite 10.3
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »