VYPR

Frontpage

by Microsoft

CVEs (28)

  • CVE-2008-3068Jul 7, 2008
    risk 0.01cvss epss 0.17

    Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows…

  • CVE-2007-3109Jun 7, 2007
    risk 0.01cvss epss 0.11

    The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.

  • CVE-2006-3877Oct 10, 2006
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435,…

  • CVE-2004-2179Dec 31, 2004
    risk 0.01cvss epss 0.12

    asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.

  • CVE-2000-0746Oct 20, 2000
    risk 0.01cvss epss 0.09

    Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client…

  • CVE-1999-1052Aug 24, 1999
    risk 0.01cvss epss 0.14

    Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.

  • CVE-2000-0153Mar 26, 1999
    risk 0.01cvss epss 0.14

    FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.

  • CVE-2005-2143Jul 5, 2005
    risk 0.00cvss epss 0.04

    Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.

Page 2 of 2