Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1567
The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote malicious users to steal cookies and authentication credentials, or bypass the HttpOnly pro...
Microsoft Internet Information Services 5.0
NA
CVE-2004-0845
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote malicious users to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web...
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Ie 6
NA
CVE-2006-5745
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote malicious users to execute arbitrary code via crafted arguments that lead to mem...
Microsoft Xml Core Services 4.0
4 EDB exploits
NA
CVE-2014-1816
Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote malicious users to discover (1) full pathnames on the client system and (2) local usernames embedded in th...
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 6.0
6.1
CVSSv3
CVE-2017-0055
Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to perform cross-s...
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows Rt 8.1
Microsoft Windows Vista
Microsoft Windows Server 2016
Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows 10 -
Microsoft Windows 10 1511
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
2 Github repositories
NA
CVE-2009-0419
Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response headers, which allows remote malicious users to obtain sensitive information from...
Microsoft Xml Core Services
NA
CVE-2002-1325
Microsoft Virtual Machine (VM) build 5.0.3805 and previous versions allows remote malicious users to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."
Microsoft Windows 2000 Terminal Services
Microsoft Windows Nt 4.0
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows 2000
Microsoft Windows Me
Microsoft Windows 95
Microsoft Windows Xp
NA
CVE-2003-0111
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and previous versions, as used in Windows and Internet Explorer, allows remote malicious users to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Micr...
Microsoft Virtual Machine 3802
Microsoft Virtual Machine 3805
Microsoft Virtual Machine 3809
Microsoft Windows 2000
Microsoft Windows 2000 Terminal Services
1 EDB exploit
NA
CVE-2003-0822
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote malicious users to execute arbitrary code via a crafted chunked encoded request.
Microsoft Frontpage Server Extensions 2000
Microsoft Frontpage Server Extensions 2002
Microsoft Sharepoint Team Services 2002
Microsoft Windows 2000
Microsoft Windows Xp
2 EDB exploits
NA
CVE-2003-0824
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote malicious users to cause a denial of service (response failure) via a certain request.
Microsoft Frontpage Server Extensions 2002
Microsoft Sharepoint Team Services 2002
Microsoft Frontpage Server Extensions 2000
Microsoft Windows 2000
Microsoft Windows Xp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »