VYPR

Frontpage Server Extensions

by Microsoft

CVEs (11)

  • CVE-2003-0822Dec 15, 2003
    risk 0.10cvss epss 0.83

    Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.

  • CVE-2006-0015Apr 11, 2006
    risk 0.05cvss epss 0.24

    Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create…

  • CVE-2002-0072Apr 22, 2002
    risk 0.05cvss epss 0.57

    The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the…

  • CVE-2001-0341Jul 21, 2001
    risk 0.05cvss epss 0.45

    Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.

  • CVE-1999-0681Mar 12, 2001
    risk 0.05cvss epss 0.20

    Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.

  • CVE-2003-0824Dec 15, 2003
    risk 0.03cvss epss 0.34

    Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.

  • CVE-2001-0096Feb 12, 2001
    risk 0.02cvss epss 0.20

    FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.

  • CVE-2000-0710Oct 20, 2000
    risk 0.02cvss epss 0.26

    The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.

  • CVE-2000-0709Oct 20, 2000
    risk 0.02cvss epss 0.25

    The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.

  • CVE-1999-1376Jan 14, 1999
    risk 0.02cvss epss 0.24

    Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.

  • CVE-2002-0692Oct 10, 2002
    risk 0.01cvss epss 0.18

    Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.