CVSS: 5.0EPSS: 90%CPEs: 2EXPL: 1CVE-1999-0154 – Microsoft IIS 2.0/3.0 - Appended Dot Script Source Disclosure
https://notcve.org/view.php?id=CVE-1999-0154
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. • https://www.exploit-db.com/exploits/20481 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0154 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-1999-1484 – Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-1484
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured. • https://www.exploit-db.com/exploits/19516 http://www.securityfocus.com/archive/1/28719 http://www.securityfocus.com/bid/668 https://exchange.xforce.ibmcloud.com/vulnerabilities/3310 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-1999-0412 – Microsoft IIS 2.0/3.0/4.0 - ISAPI GetExtensionVersion()
https://notcve.org/view.php?id=CVE-1999-0412
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. • https://www.exploit-db.com/exploits/19376 http://www.securityfocus.com/bid/501 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-1999-0450 – Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory
https://notcve.org/view.php?id=CVE-1999-0450
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). • https://www.exploit-db.com/exploits/19152 http://www.securityfocus.com/bid/194 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-1999-0281 – Microsoft IIS 2.0/3.0 - Long URL Denial of Service
https://notcve.org/view.php?id=CVE-1999-0281
Denial of service in IIS using long URLs. • https://www.exploit-db.com/exploits/20802 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0281 •