Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-1999-0412

Published: 19/02/1999 Updated: 23/11/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Internet Information Services

Vulnerability Summary

In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet information services 2.0

microsoft internet information server 3.0

microsoft internet information server 4.0

Exploits

Exploit DB: Microsoft IIS 2.0/3.0/4.0 - ISAPI GetExtensionVersion()
source: wwwsecurityfocuscom/bid/501/info IIS and potentially other NT web servers have a vulnerability that could allow arbitrary code to be run as SYSTEM This works because of the way the server calls the GetExtensionVersion() function the first time an ISAPI extension is loaded Any user able to put a CGI script in the web structure c ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/501https://nvd.nist.govhttps://www.exploit-db.com/exploits/19376/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook