Commercial Internet System
by Microsoft
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0246 | 0.09 | — | 0.80 | Mar 30, 2000 | IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability. | |||
| CVE-1999-0867 | 0.05 | — | 0.22 | Aug 11, 1999 | Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers. | |||
| CVE-2000-0053 | 0.01 | — | 0.15 | Jan 4, 2000 | Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request. | |||
| CVE-1999-0777 | 0.01 | — | 0.12 | Sep 23, 1999 | IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions. | |||
| CVE-1999-0910 | 0.00 | — | 0.06 | Sep 10, 1999 | Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. | |||
| CVE-1999-0861 | 0.00 | — | 0.03 | Aug 11, 1999 | Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. |
- CVE-2000-0246Mar 30, 2000risk 0.09cvss —epss 0.80
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
- CVE-1999-0867Aug 11, 1999risk 0.05cvss —epss 0.22
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
- CVE-2000-0053Jan 4, 2000risk 0.01cvss —epss 0.15
Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request.
- CVE-1999-0777Sep 23, 1999risk 0.01cvss —epss 0.12
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
- CVE-1999-0910Sep 10, 1999risk 0.00cvss —epss 0.06
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
- CVE-1999-0861Aug 11, 1999risk 0.00cvss —epss 0.03
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.