IIS
by Microsoft
CVEs (39)
| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2002-1182 | 0.04 | — | 0.44 | Nov 12, 2002 | IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned. |
| CVE-2000-0631 | 0.04 | — | 0.48 | Jul 14, 2000 | An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability. |
| CVE-2000-0304 | 0.04 | — | 0.52 | May 10, 2000 | Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. |
| CVE-2000-0025 | 0.04 | — | 0.46 | Dec 21, 1999 | IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. |
| CVE-2010-1256 | 0.03 | — | 0.34 | Jun 8, 2010 | Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS… |
| CVE-2001-0507 | 0.03 | — | 0.02 | Sep 20, 2001 | IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability. |
| CVE-2000-0167 | 0.03 | — | 0.00 | Feb 15, 2000 | IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. |
| CVE-2001-0709 | 0.02 | — | 0.26 | Sep 20, 2001 | Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode. |
| CVE-2001-0545 | 0.01 | — | 0.16 | Oct 30, 2001 | IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. |
| CVE-2001-0146 | 0.01 | — | 0.12 | Jun 2, 2001 | IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URLs. |
| CVE-2000-1090 | 0.01 | — | 0.13 | Feb 12, 2001 | Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character. |
| CVE-2000-1104 | 0.01 | — | 0.13 | Jan 9, 2001 | Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The… |
| CVE-2000-0746 | 0.01 | — | 0.18 | Oct 20, 2000 | Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client… |
| CVE-1999-1148 | 0.01 | — | 0.18 | Dec 31, 1999 | FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. |
| CVE-2000-0024 | 0.01 | — | 0.12 | Dec 21, 1999 | IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. |
| CVE-1999-0348 | 0.01 | — | 0.10 | Jan 27, 1999 | IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. |
| CVE-1999-1544 | 0.01 | — | 0.07 | Jan 24, 1999 | Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. |
| CVE-2001-0544 | 0.00 | — | 0.01 | Oct 30, 2001 | IIS 5.0 allows local users to cause a denial of service (hang) by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table. |
| CVE-1999-1537 | 0.00 | — | 0.02 | Jul 7, 1999 | IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform… |