Filter

Microsoft Internet Information ServicesISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and …

7.5
First published (updated )

Microsoft Internet Information ServicesThe shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers…

First published (updated )

Microsoft Internet Information ServicesIIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that ap…

First published (updated )

Microsoft Internet Information ServicesMicrosoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to…

First published (updated )

Microsoft Internet Information ServicesInput Validation

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Microsoft Commercial Internet SystemIIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mappe…

First published (updated )

Microsoft Internet Information ServerIIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-…

First published (updated )

Microsoft Internet Information ServicesIn IIS, an attacker could determine a real path using a request for a non-existent URL that would be…

7.5
First published (updated )

Microsoft Internet Information ServerIn IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as …

7.5
First published (updated )

Microsoft Internet Information ServerDenial of service in IIS using long URLs.

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Microsoft Internet Information ServicesIIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP progra…

7.5
First published (updated )

Microsoft Internet Information ServicesIIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.

First published (updated )

Microsoft Internet Information ServerIIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot)…

First published (updated )

Microsoft Exchange ServerThe SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attacker…

First published (updated )

Microsoft Internet Information ServicesMicrosoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Microsoft Internet Information ServicesInfoleak

First published (updated )

Microsoft Internet Information ServicesInfoleak

First published (updated )

Microsoft Internet Information ServicesIIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, whi…

7.5
First published (updated )

Microsoft Internet Information ServicesA misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote att…

First published (updated )

Microsoft Internet Information ServicesIIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executa…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Microsoft Internet Information ServicesIIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly exec…

7.5
First published (updated )

Microsoft Internet Information ServicesIIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP G…

First published (updated )

Microsoft Internet Information ServicesIIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folder…

First published (updated )

Microsoft Internet Information ServicesVulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attack…

7.5
First published (updated )

Microsoft Internet Information ServicesInfoleak

2.6
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Microsoft Internet Information ServerAn administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to…

First published (updated )

Microsoft Internet Information ServicesIIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to t…

First published (updated )

Microsoft Internet Information ServicesScripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers…

First published (updated )

Microsoft Internet Information ServicesMicrosoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a co…

First published (updated )

Microsoft Internet Information ServicesMicrosoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203