Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
internet information services vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0419
Information leaks in IIS 4 up to and including 5.1 allow remote malicious users to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the re...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2000-0408
IIS 4.05 and 5.0 allow remote malicious users to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2000-0457
ISM.DLL in IIS 4.0 and 5.0 allows remote malicious users to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR&...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2003-0223
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote malicious users to embed a URL containing script in a redirection message.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2003-0225
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote malicious users to generate a large header to cause a denial of service (memory consumption) with an ASP pag...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2000-0770
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote malicious users to bypass access restrictions to some files, aka the "File Permission Canonicalization" vuln...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2003-0718
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote malicious users to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of...
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2008-4301
A certain ActiveX control in iisext.dll in Microsoft Internet Information Services (IIS) allows remote malicious users to set a password via a string argument to the SetPassword method. NOTE: this issue could not be reproduced by a reliable third party. In addition, the original ...
Microsoft Internet Information Services -
NA
CVE-2009-4445
Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote malicious users to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a saf...
Microsoft Internet Information Services
NA
CVE-2008-4300
A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote malicious users to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable re...
Microsoft Internet Information Services -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »