Filters
Microsoft Internet Information ServerMicrosoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WIN…
4.4
First published (updated )
Trend Micro Virus Control SystemTrend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a deni…
First published (updated )
Microsoft Internet Information ServicesThe ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does …
First published (updated )
Microsoft Internet Information ServerMicrosoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Symantec Norton Internet SecurityNorton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions,…
First published (updated )
Microsoft Exchange ServerThe SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attacker…
First published (updated )
Microsoft Internet Information ServicesThe w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Serv…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesThe FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have esta…
First published (updated )
Microsoft Internet Information ServerIIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) vi…
First published (updated )
Microsoft Internet Information ServerMicrosoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain …
First published (updated )
Microsoft Internet Information ServicesScripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers…
First published (updated )
Microsoft Internet Information ServicesFrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of s…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesIIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs b…
First published (updated )
Microsoft Internet Information ServerMicrosoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for pars…
First published (updated )
Microsoft Internet Information ServerBuffer Overflow
4.6
First published (updated )
Microsoft Internet Information ServerVulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in II…
First published (updated )
Microsoft Internet Information ServicesIIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folder…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServicesIIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to t…
First published (updated )
Microsoft Internet Information ServerAn administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to…
First published (updated )
Microsoft Internet Information ServicesIIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that ap…
First published (updated )
Microsoft Internet Information ServicesMicrosoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to…
First published (updated )
Microsoft Internet Information ServicesThe shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Commercial Internet SystemIIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mappe…
First published (updated )
Microsoft Internet Information ServerFrontpage Server Extensions allows remote attackers to determine the name of the anonymous account v…
First published (updated )
Microsoft Internet Information ServerSample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .…
First published (updated )
Microsoft Internet Information ServerIIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Site ServerThe Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary…
First published (updated )
Microsoft Internet Information ServerFTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource ex…
First published (updated )
Microsoft Internet Information ServerIIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a m…
First published (updated )
Microsoft Site ServerIIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is …
First published (updated )
Microsoft Site ServerIIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access rest…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServerIIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which…
First published (updated )
Microsoft Internet Information ServerThe Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any s…
First published (updated )
Microsoft Internet Information ServerThe showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
First published (updated )
Microsoft Internet Information ServerThe codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServerThe viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
First published (updated )
Microsoft Internet Information ServerThe code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
First published (updated )
Microsoft Internet Information ServerFileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read …
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Internet Information ServerIIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote atta…
First published (updated )
Netscape Directory ServerInformation from SSL-encrypted sessions via PKCS #1.
First published (updated )
Microsoft Internet Information ServerIn IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
First published (updated )
Netscape FastTrack ServerSome web servers under Microsoft Windows allow remote attackers to bypass access restrictions for fi…
First published (updated )