Filters
Versions
Microsoft Internet Information ServerBuffer Overflow
4.3
First published (updated )
Adobe ColdFusionUnspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 an…
4.3
First published (updated )
Microsoft Internet Information ServerMicrosoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WIN…
4.4
First published (updated )
Microsoft Internet Information ServerBuffer Overflow
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServerMicrosoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security…
First published (updated )
Microsoft Internet Information ServerThe WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote a…
First published (updated )
Trend Micro Virus Control SystemTrend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a deni…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesThe ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does …
First published (updated )
Microsoft Internet Information ServerMicrosoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_…
First published (updated )
Symantec Norton Internet SecurityNorton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions,…
First published (updated )
Microsoft Exchange ServerThe SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attacker…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesThe w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Serv…
First published (updated )
Microsoft Internet Information ServicesThe FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have esta…
First published (updated )
Microsoft Internet Information ServerIIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) vi…
First published (updated )
Microsoft Internet Information ServerMicrosoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain …
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesScripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers…
First published (updated )
Microsoft Internet Information ServerFTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted do…
First published (updated )
Microsoft Internet Information ServerThe Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to c…
First published (updated )
Microsoft Internet Information ServerThe Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which al…
First published (updated )
Microsoft Internet Information ServicesFrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of s…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesIIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs b…
First published (updated )
Microsoft Internet Information ServerMicrosoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for pars…
First published (updated )
Microsoft Internet Information ServerBuffer Overflow
4.6
First published (updated )
Microsoft Internet Information ServerVulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in II…
First published (updated )
Microsoft Internet Information ServicesIIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folder…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesIIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to t…
First published (updated )
Microsoft Internet Information ServerAn administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to…
First published (updated )
Microsoft Internet Information ServicesIIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that ap…
First published (updated )
Microsoft Internet Information ServicesMicrosoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to…
First published (updated )
Microsoft Internet Information ServicesThe shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Commercial Internet SystemIIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mappe…
First published (updated )
Microsoft Internet Information ServerFrontpage Server Extensions allows remote attackers to determine the name of the anonymous account v…
First published (updated )
Microsoft Internet Information ServerSample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .…
First published (updated )
Microsoft Internet Information ServerIIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basi…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServerIIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-…
First published (updated )
Microsoft Site ServerThe Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary…
First published (updated )
Microsoft Internet Information ServerIIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which t…
First published (updated )
Microsoft Internet Information ServerFTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource ex…
First published (updated )
Microsoft Internet Information ServerIIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a m…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServerIIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot)…
First published (updated )
Microsoft Site ServerIIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is …
First published (updated )
Microsoft Site ServerIIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access rest…
6.4
First published (updated )
Microsoft Internet Information ServerIIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.