CVSS: 9.8EPSS: 11%CPEs: 2EXPL: 0CVE-1999-0349
https://notcve.org/view.php?id=CVE-1999-0349
27 Jan 1999 — A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ188348 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 32%CPEs: 4EXPL: 1CVE-1999-0450 – Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory
https://notcve.org/view.php?id=CVE-1999-0450
26 Jan 1999 — In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). • https://www.exploit-db.com/exploits/19152 •
CVSS: 6.2EPSS: 6%CPEs: 2EXPL: 0CVE-1999-1544
https://notcve.org/view.php?id=CVE-1999-1544
24 Jan 1999 — Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. • http://marc.info/?l=bugtraq&m=91722115016183&w=2 •
CVSS: 7.5EPSS: 5%CPEs: 22EXPL: 0CVE-1999-0007
https://notcve.org/view.php?id=CVE-1999-0007
26 Jun 1998 — Information from SSL-encrypted sessions via PKCS #1. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 76%CPEs: 3EXPL: 1CVE-1999-0278 – Microsoft IIS 3.0/4.0 / Microsoft Personal Web Server 2.0/3.0/4.0 - ASP Alternate Data Streams
https://notcve.org/view.php?id=CVE-1999-0278
01 Jun 1998 — In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. • https://www.exploit-db.com/exploits/19118 •
CVSS: 9.1EPSS: 1%CPEs: 6EXPL: 0CVE-1999-0012
https://notcve.org/view.php?id=CVE-1999-0012
06 Feb 1998 — Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0012 •
CVSS: 7.5EPSS: 62%CPEs: 1EXPL: 1CVE-1999-0191 – Microsoft IIS 3.0 - 'newdsn.exe' File Creation
https://notcve.org/view.php?id=CVE-1999-0191
01 Sep 1997 — IIS newdsn.exe CGI script allows remote users to overwrite files. • https://www.exploit-db.com/exploits/20309 •
CVSS: 7.5EPSS: 13%CPEs: 2EXPL: 1CVE-1999-0281 – Microsoft IIS 2.0/3.0 - Long URL Denial of Service
https://notcve.org/view.php?id=CVE-1999-0281
01 Jun 1997 — Denial of service in IIS using long URLs. • https://www.exploit-db.com/exploits/20802 •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 0CVE-1999-0253
https://notcve.org/view.php?id=CVE-1999-0253
01 Jan 1997 — IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. • http://www.securityfocus.com/bid/1814 •