Frontpage
by Microsoft
CVEs (28)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-3068 | 0.01 | — | 0.17 | Jul 7, 2008 | Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows… | |||
| CVE-2007-3109 | 0.01 | — | 0.11 | Jun 7, 2007 | The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO. | |||
| CVE-2006-3877 | 0.01 | — | 0.12 | Oct 10, 2006 | Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435,… | |||
| CVE-2004-2179 | 0.01 | — | 0.12 | Dec 31, 2004 | asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. | |||
| CVE-2000-0746 | 0.01 | — | 0.09 | Oct 20, 2000 | Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client… | |||
| CVE-1999-1052 | 0.01 | — | 0.14 | Aug 24, 1999 | Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users. | |||
| CVE-2000-0153 | 0.01 | — | 0.14 | Mar 26, 1999 | FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||
| CVE-2005-2143 | 0.00 | — | 0.04 | Jul 5, 2005 | Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page. |
- CVE-2008-3068Jul 7, 2008risk 0.01cvss —epss 0.17
Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows…
- CVE-2007-3109Jun 7, 2007risk 0.01cvss —epss 0.11
The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
- CVE-2006-3877Oct 10, 2006risk 0.01cvss —epss 0.12
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435,…
- CVE-2004-2179Dec 31, 2004risk 0.01cvss —epss 0.12
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
- CVE-2000-0746Oct 20, 2000risk 0.01cvss —epss 0.09
Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client…
- CVE-1999-1052Aug 24, 1999risk 0.01cvss —epss 0.14
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
- CVE-2000-0153Mar 26, 1999risk 0.01cvss —epss 0.14
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
- CVE-2005-2143Jul 5, 2005risk 0.00cvss —epss 0.04
Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.
Page 2 of 2